Description
A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2021-16414 | A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87. |
References
History
No history.
Status: PUBLISHED
Assigner: mozilla
Published:
Updated: 2024-08-03T22:18:03.308Z
Reserved: 2021-04-01T00:00:00.000Z
Link: CVE-2021-29955
No data.
Status : Modified
Published: 2021-06-24T14:15:10.053
Modified: 2026-06-17T03:48:30.357
Link: CVE-2021-29955
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
EUVD