CVE-2025-45663
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-03
Last updated on: 2025-11-05
Assigner: MITRE
Description
Description
An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netsurf-browser | netsurf | 3.11 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-244 | Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure. This means that the program may access memory that has not been properly initialized, potentially leading to unpredictable behavior or security issues.
How can this vulnerability impact me? :
Reading uninitialized heap memory can lead to application crashes, data leakage, or other unpredictable behavior, which may compromise the stability and security of the application.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70