When `UpdateRegExpStatics` attempted to access ...
Moderate severity
Unreviewed
Published
Sep 11, 2023
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Sep 11, 2023
Published to the GitHub Advisory Database
Sep 11, 2023
Last updated
Apr 4, 2024
When
UpdateRegExpStatics
attempted to accessinitialStringHeap
it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.References