CVE-2023-4049

Summary

Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 116affected
MozillaFirefox ESRunspecified < 102.14affected
MozillaFirefox ESRunspecified < 115.1affected

Weaknesses

  • Fix potential race conditions when releasing platform objects

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References