CVE-2021-23997

Summary

Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 88.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 88affected

Weaknesses

  • Use-after-free when freeing fonts from cache

ADP Enrichment

CVE Program Container

Additional References

References