CVE-2021-4129

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-4129

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4129.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-4129

Downstream

DEBIAN-CVE-2021-4129

DSA-5026-1

DSA-5034-1

RHSA-2021:5013

RHSA-2021:5014

RHSA-2021:5015

RHSA-2021:5016

RHSA-2021:5017

RHSA-2021:5045

RHSA-2021:5046

RHSA-2021:5047

RHSA-2021:5048

RHSA-2021:5055

UBUNTU-CVE-2021-4129

USN-5248-1

Related

Published

2022-12-22T20:15:12Z

Modified

2025-08-09T19:01:27Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 95, Firefox ESR < 91.4.0, and Thunderbird < 91.4.0.

References

Affected packages