Unrated severityNVD Advisory· Published Sep 6, 2024· Updated Oct 30, 2025
Type Confusion in Async Generators in Javascript Engine
CVE-2024-7652
Description
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords6 versionspkg:apk/chainguard/firefoxpkg:apk/chainguard/firefox-esrpkg:apk/wolfi/firefoxpkg:rpm/almalinux/firefoxpkg:rpm/almalinux/firefox-x11pkg:rpm/almalinux/thunderbird
< 128-r0+ 5 more
- (no CPE)range: < 128-r0
- (no CPE)range: < 128-r0
- (no CPE)range: < 128-r0
- (no CPE)range: < 128.2.0-1.el9_4.alma.1
- (no CPE)range: < 128.2.0-1.el9_4.alma.1
- (no CPE)range: < 128.2.0-1.el9_4.alma.1
unspecified+ 1 more
- (no CPE)range: unspecified
- (no CPE)range: unspecified
- Range: unspecified
Patches
Vulnerability mechanics
References
6- bugzilla.mozilla.org/show_bug.cgimitre
- github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9rmitre
- www.mozilla.org/security/advisories/mfsa2024-29/mitre
- www.mozilla.org/security/advisories/mfsa2024-30/mitre
- www.mozilla.org/security/advisories/mfsa2024-31/mitre
- www.mozilla.org/security/advisories/mfsa2024-32/mitre
News mentions
0No linked articles in our index yet.