CVE-2025-47154

{"id": "CVE-2025-47154", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.2}]}, "published": "2025-05-01T08:15:17.950", "references": [{"url": "https://github.com/LadybirdBrowser/ladybird/commit/f5a670421954fc7130c3685b713c621b29516669", "source": "cve@mitre.org"}, {"url": "https://jessie.cafe/posts/pwning-ladybirds-libjs/", "source": "cve@mitre.org"}, {"url": "https://news.ycombinator.com/item?id=43852096", "source": "cve@mitre.org"}, {"url": "https://jessie.cafe/posts/pwning-ladybirds-libjs/", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cve@mitre.org", "description": [{"lang": "en", "value": "CWE-820"}]}], "descriptions": [{"lang": "en", "value": "LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that arguments_list references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says \"Ladybird is in a pre-alpha state, and only suitable for use by developers.\""}, {"lang": "es", "value": "LibJS en Ladybird anterior a f5a6704 gestiona incorrectamente la liberaci\u00f3n del vector al que hace referencia arguments_list, lo que provoca un use-after-free y permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un archivo .js manipulado. NOTA: El README de GitHub indica que \u00abLadybird se encuentra en estado pre-alfa y solo es apto para desarrolladores\u00bb."}], "lastModified": "2025-05-02T13:53:40.163", "sourceIdentifier": "cve@mitre.org"}