VYPR
Unrated severityNVD Advisory· Published Sep 11, 2023· Updated Dec 18, 2025

Memory corruption in IPC FilePickerShownCallback

CVE-2023-4575

Description

When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

37

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.