---

CVE-2021-23954 - log back

CVE-2021-23954 edited at 26 Jan 2021 21:02:44
Description	- A security issue was found in Firefox before version 85.0. Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. + A security issue was found in Firefox before version 85.0 and Thunderbird before version 78.7. Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash.
References	https://www.mozilla.org/en-US/security/advisories/mfsa2021-03/#CVE-2021-23954 + https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/#CVE-2021-23954 https://bugzilla.mozilla.org/show_bug.cgi?id=1684020

CVE-2021-23954 edited at 26 Jan 2021 14:16:21
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ A security issue was found in Firefox before version 85.0. Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2021-03/#CVE-2021-23954 + https://bugzilla.mozilla.org/show_bug.cgi?id=1684020
Notes

CVE-2021-23954 created at 26 Jan 2021 14:13:53