CVE-2024-5694 | THREATINT

Description

An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127.

PUBLISHED Reserved 2024-06-06 | Published 2024-06-11 | Updated 2025-03-14 | Assigner mozilla

Problem types

Use-after-free in JavaScript Strings

Product status

Any version before 127

affected

Credits

Lukas Bernhard

References

bugzilla.mozilla.org/show_bug.cgi?id=1895055

www.mozilla.org/security/advisories/mfsa2024-25/

cve.org (CVE-2024-5694)

nvd.nist.gov (CVE-2024-5694)

Download JSON