Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities


Mozilla released Firefox 115 to the stable channel on Tuesday, patching 12 vulnerabilities, including two very serious use-after-free flaws. The first of the high-severity flaws, tracked as CVE-2023-37201, is referred to as a use-after-free hole in WebRTC certificate production.

WebRTC is an open source project that uses application programming interfaces (APIs) to enable real-time communication in web browsers and mobile applications.x000D In a warning, Mozilla states that “when creating a WebRTC connection over HTTPS, an attacker could have triggered a use-after-free condition.”

Read More…