CVE-2023-29543

CWE-416Use After FreeCWE-11611 documents8 sources
Severity
8.8HIGH
EPSS
0.3%
top 45.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Mozilla FirefoxMozilla Firefox FOR AndroidMozilla Focus FOR Android+1 more
Timeline
PublishedJun 2
Latest updateJun 13

Description

An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages6 packages

CVEListV5mozilla/firefox_for_androidunspecified112
CVEListV5mozilla/focus_for_androidunspecified112
CVEListV5mozilla/firefoxunspecified112
NVDmozilla/firefox< 112.0
Ubuntufirefox< 112.0+build2-0ubuntu0.18.04.1+1

🔴Vulnerability Details

6
CVEList
CVE-2023-29543: An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector2023-06-02
GHSA
GHSA-6r82-wmjx-mx6j: An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector2023-06-02
OSV
firefox regressions2023-04-26
OSV
firefox regressions2023-04-18
OSV
firefox vulnerabilities2023-04-12

📋Vendor Advisories

4
Microsoft
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, Fi2023-06-13
Ubuntu
Firefox vulnerabilities2023-04-12
Debian
CVE-2023-29543: firefox - An attacker could have caused memory corruption and a potentially exploitable us...2023
Mozilla
Mozilla Foundation Security Advisory 2023-13: CVE-2023-29543
CVE-2023-29543 (HIGH CVSS 8.8) | An attacker could have caused memor | cvebase.io