CVE-2024-3853

Summary

A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 125affected

Weaknesses

  • Use-after-free if garbage collection runs during realm initialization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References