Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-0783
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Firefox | Firefox versions antérieures à 118 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 115.3 | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 115.3 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 118",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.3",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 115.3",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-5173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5173"
},
{
"name": "CVE-2023-5176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5176"
},
{
"name": "CVE-2023-5175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5175"
},
{
"name": "CVE-2023-5171",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5171"
},
{
"name": "CVE-2023-5174",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5174"
},
{
"name": "CVE-2023-5170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5170"
},
{
"name": "CVE-2023-5172",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5172"
},
{
"name": "CVE-2023-5168",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5168"
},
{
"name": "CVE-2023-5169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5169"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0783",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-42 du 28 ao\u00fbt 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-43 du 28 ao\u00fbt 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-43/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-41 du 28 ao\u00fbt 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/"
}
]
}
CVE-2023-5174 (GCVE-0-2023-5174)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:13 – Updated: 2025-05-05 14:59
VLAI?
EPSS
Summary
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.
*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Severity ?
9.8 (Critical)
CWE
- Double-free in process spawning on Windows
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 118
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Ronald Crane
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1848454"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:08.668376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T14:59:34.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ronald Crane"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.\u003cbr\u003e*This bug only affects Firefox on Windows when run in non-standard configurations (such as using \u003ccode\u003erunas\u003c/code\u003e). Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"value": "If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.\n*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double-free in process spawning on Windows",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-27T14:13:19.990Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1848454"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5174",
"datePublished": "2023-09-27T14:13:19.990Z",
"dateReserved": "2023-09-25T15:03:43.655Z",
"dateUpdated": "2025-05-05T14:59:34.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5173 (GCVE-0-2023-5173)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:13 – Updated: 2025-02-13 17:19
VLAI?
EPSS
Summary
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory.
*This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.
Severity ?
No CVSS data available.
CWE
- Out-of-bounds write in HTTP Alternate Services
Assigner
References
Credits
Ronald Crane
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823172"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ronald Crane"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. \u003cbr\u003e*This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (\u003ccode\u003enetwork.http.altsvc.oe\u003c/code\u003e) is enabled.* This vulnerability affects Firefox \u003c 118."
}
],
"value": "In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. \n*This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox \u003c 118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write in HTTP Alternate Services",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:30.918Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823172"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5173",
"datePublished": "2023-09-27T14:13:51.511Z",
"dateReserved": "2023-09-25T15:03:43.198Z",
"dateUpdated": "2025-02-13T17:19:50.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5171 (GCVE-0-2023-5171)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:13 – Updated: 2025-02-13 17:19
VLAI?
EPSS
Summary
During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Severity ?
No CVSS data available.
CWE
- Use-after-free in Ion Compiler
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 118
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Lukas Bernhard
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1851599"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5506"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5513"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5171",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T19:24:47.238155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T19:24:55.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lukas Bernhard"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"value": "During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free in Ion Compiler",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-09T15:06:15.632Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1851599"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5506"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5513"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5171",
"datePublished": "2023-09-27T14:13:12.642Z",
"dateReserved": "2023-09-25T15:03:42.289Z",
"dateUpdated": "2025-02-13T17:19:49.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5172 (GCVE-0-2023-5172)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:13 – Updated: 2025-05-01 17:54
VLAI?
EPSS
Summary
A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.
Severity ?
9.8 (Critical)
CWE
- Memory Corruption in Ion Hints
Assigner
References
Credits
Mozilla Fuzzing Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1852218"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:05.237568Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-01T17:54:52.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mozilla Fuzzing Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox \u003c 118."
}
],
"value": "A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox \u003c 118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption in Ion Hints",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:57.299Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1852218"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5172",
"datePublished": "2023-09-27T14:13:33.980Z",
"dateReserved": "2023-09-25T15:03:42.733Z",
"dateUpdated": "2025-05-01T17:54:52.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5168 (GCVE-0-2023-5168)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:12 – Updated: 2025-05-01 20:13
VLAI?
EPSS
Summary
A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Severity ?
9.8 (Critical)
CWE
- Out-of-bounds write in FilterNodeD2D1
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 118
(custom)
|
||||||||||||
|
||||||||||||||
Credits
sonakkbi
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846683"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5168",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:10.568093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-01T20:13:54.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "sonakkbi"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A compromised content process could have provided malicious data to \u003ccode\u003eFilterNodeD2D1\u003c/code\u003e resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.\u003cbr\u003e*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"value": "A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write in FilterNodeD2D1",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T14:47:08.847Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846683"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5168",
"datePublished": "2023-09-27T14:12:58.905Z",
"dateReserved": "2023-09-25T15:03:40.914Z",
"dateUpdated": "2025-05-01T20:13:54.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5175 (GCVE-0-2023-5175)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:13 – Updated: 2025-05-01 20:07
VLAI?
EPSS
Summary
During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118.
Severity ?
9.8 (Critical)
CWE
- Use-after-free of ImageBitmap during process shutdown
Assigner
References
Credits
Yangkang of 360 ATA Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849704"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:03.261740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-01T20:07:54.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Yangkang of 360 ATA Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During process shutdown, it was possible that an \u003ccode\u003eImageBitmap\u003c/code\u003e was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 118."
}
],
"value": "During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free of ImageBitmap during process shutdown",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:30.820Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849704"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5175",
"datePublished": "2023-09-27T14:13:57.892Z",
"dateReserved": "2023-09-25T15:03:44.093Z",
"dateUpdated": "2025-05-01T20:07:54.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5169 (GCVE-0-2023-5169)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:13 – Updated: 2025-02-13 17:19
VLAI?
EPSS
Summary
A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Severity ?
No CVSS data available.
CWE
- Out-of-bounds write in PathOps
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 118
(custom)
|
||||||||||||
|
||||||||||||||
Credits
sonakkbi
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846685"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5506"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5513"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T19:25:15.758715Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T19:25:25.016Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "sonakkbi"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A compromised content process could have provided malicious data in a \u003ccode\u003ePathRecording\u003c/code\u003e resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"value": "A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write in PathOps",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-09T15:06:23.557Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846685"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5506"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5513"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5169",
"datePublished": "2023-09-27T14:13:08.573Z",
"dateReserved": "2023-09-25T15:03:41.394Z",
"dateUpdated": "2025-02-13T17:19:46.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5176 (GCVE-0-2023-5176)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:13 – Updated: 2025-05-01 17:53
VLAI?
EPSS
Summary
Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Severity ?
9.8 (Critical)
CWE
- Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 118
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Chris Peterson, Andrew McCreight, André Bargull, Nika Layzell and the Mozilla Fuzzing Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3",
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5506"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5513"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:06.971475Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-01T17:53:11.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chris Peterson, Andrew McCreight, Andr\u00e9 Bargull, Nika Layzell and the Mozilla Fuzzing Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"value": "Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-09T15:06:21.738Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-42/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-43/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5506"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5513"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5176",
"datePublished": "2023-09-27T14:13:25.411Z",
"dateReserved": "2023-09-25T15:03:44.531Z",
"dateUpdated": "2025-05-01T17:53:11.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5170 (GCVE-0-2023-5170)
Vulnerability from cvelistv5 – Published: 2023-09-27 14:13 – Updated: 2025-02-13 17:19
VLAI?
EPSS
Summary
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox < 118.
Severity ?
No CVSS data available.
CWE
- Memory leak from a privileged process
Assigner
References
Credits
sonakkbi
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846686"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T19:24:17.255460Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T19:24:25.537Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "118",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "sonakkbi"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox \u003c 118."
}
],
"value": "In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox \u003c 118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory leak from a privileged process",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:23.956Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846686"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-5170",
"datePublished": "2023-09-27T14:13:28.264Z",
"dateReserved": "2023-09-25T15:03:41.844Z",
"dateUpdated": "2025-02-13T17:19:47.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…