Memory Corruption Vulnerability in Mozilla Products
CVE-2023-29535
6.5MEDIUM
Key Information:
- Vendor
Mozilla
- Vendor
- CVE Published:
- 2 June 2023
What is CVE-2023-29535?
This vulnerability arises from a flaw during Garbage Collector compaction, where weak maps could be accessed before proper tracing was executed. Such a scenario leads to potential memory corruption, which can cause crashes and might be leveraged for exploitation. The affected versions include Firefox, Focus for Android, and Thunderbird, all of which may expose users to security risks.
Affected Version(s)
Firefox < 112
Firefox ESR < 102.10
Firefox for Android < 112