Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 89.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1660307%2C1686154%2C1702948%2C1708124 | Issue Tracking Broken Link |
https://security.gentoo.org/glsa/202107-09 | Third Party Advisory |
https://www.mozilla.org/security/advisories/mfsa2021-23/ | Release Notes Vendor Advisory |
Configurations
History
03 May 2022, 16:04
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 |
20 Sep 2021, 18:50
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Jun 2021, 13:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* | |
References | (MISC) https://www.mozilla.org/security/advisories/mfsa2021-23/ - Release Notes, Vendor Advisory | |
References | (MISC) https://bugzilla.mozilla.org/buglist.cgi?bug_id=1660307%2C1686154%2C1702948%2C1708124 - Issue Tracking, Broken Link | |
CWE | CWE-119 | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 8.8 |
24 Jun 2021, 14:20
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-24 14:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-29966
Mitre link : CVE-2021-29966
CVE.ORG link : CVE-2021-29966
JSON object : View
Products Affected
mozilla
- firefox
CWE
CWE-787
Out-of-bounds Write