Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-1048
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Firefox | Firefox versions antérieures à 121 | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 115.6 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 115.6 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 121",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 115.6",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.6",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-6867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6867"
},
{
"name": "CVE-2023-6862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6862"
},
{
"name": "CVE-2023-50762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50762"
},
{
"name": "CVE-2023-6857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6857"
},
{
"name": "CVE-2023-6858",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6858"
},
{
"name": "CVE-2023-6869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6869"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2023-6865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6865"
},
{
"name": "CVE-2023-6868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6868"
},
{
"name": "CVE-2023-6861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6861"
},
{
"name": "CVE-2023-50761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50761"
},
{
"name": "CVE-2023-6870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6870"
},
{
"name": "CVE-2023-6871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6871"
},
{
"name": "CVE-2023-6860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6860"
},
{
"name": "CVE-2023-6864",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6864"
},
{
"name": "CVE-2023-6863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6863"
},
{
"name": "CVE-2023-6872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6872"
},
{
"name": "CVE-2023-6859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6859"
},
{
"name": "CVE-2023-6873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6873"
},
{
"name": "CVE-2023-6856",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6856"
},
{
"name": "CVE-2023-6866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6866"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-1048",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Mozilla\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une ex\u00e9cution\nde code arbitraire \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-56 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-54 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-55 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/"
}
]
}
CVE-2023-6867 (GCVE-0-2023-6867)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Clickjacking permission prompts using the popup transition
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||
Credits
Hafiizh
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1863863"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6867",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T18:50:04.078453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T18:51:47.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Hafiizh"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
}
],
"value": "The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Clickjacking permission prompts using the popup transition",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:34.550Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1863863"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6867",
"datePublished": "2023-12-19T13:38:49.592Z",
"dateReserved": "2023-12-15T17:42:57.114Z",
"dateUpdated": "2025-02-13T17:26:39.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6870 (GCVE-0-2023-6870)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox.
*This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Android Toast notifications may obscure fullscreen event notifications
Assigner
References
Credits
Hafiizh
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823316"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Hafiizh"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. \u003cbr\u003e*This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox \u003c 121."
}
],
"value": "Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. \n*This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Android Toast notifications may obscure fullscreen event notifications",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:14.138Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823316"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6870",
"datePublished": "2023-12-19T13:38:52.848Z",
"dateReserved": "2023-12-15T17:42:57.660Z",
"dateUpdated": "2025-02-13T17:26:41.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6862 (GCVE-0-2023-6862)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.
Severity ?
No CVSS data available.
CWE
- Use-after-free in nsDNSService
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
|||||||
|
|||||||||
Credits
Randell Jesup
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1868042"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-12T20:20:08.739941Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T19:18:21.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Randell Jesup"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A use-after-free was identified in the \u003ccode\u003ensDNSService::Init\u003c/code\u003e. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR \u003c 115.6 and Thunderbird \u003c 115.6."
}
],
"value": "A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR \u003c 115.6 and Thunderbird \u003c 115.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free in nsDNSService",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:08.929Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1868042"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6862",
"datePublished": "2023-12-19T13:38:43.100Z",
"dateReserved": "2023-12-15T17:42:56.130Z",
"dateUpdated": "2025-02-13T17:26:37.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6858 (GCVE-0-2023-6858)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-05-07 20:25
VLAI?
EPSS
Summary
Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Severity ?
8.8 (High)
CWE
- Heap buffer overflow in nsTextFragment
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Irvan Kurniawan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1826791"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-6858",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T20:24:54.198215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T20:25:21.051Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Irvan Kurniawan"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Firefox was susceptible to a heap buffer overflow in \u003ccode\u003ensTextFragment\u003c/code\u003e due to insufficient OOM handling. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"value": "Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap buffer overflow in nsTextFragment",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:32.345Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1826791"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6858",
"datePublished": "2023-12-19T13:38:38.757Z",
"dateReserved": "2023-12-15T17:42:55.349Z",
"dateUpdated": "2025-05-07T20:25:21.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6864 (GCVE-0-2023-6864)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2024-08-02 08:42
VLAI?
EPSS
Summary
Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Andrew McCreight, Karl Tomlinson, Valentin Gosu, Randell Jesup, Yury Delendik, and the Mozilla Fuzzing Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6",
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1736385%2C1810805%2C1846328%2C1856090%2C1858033%2C1858509%2C1862089%2C1862777%2C1864015"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andrew McCreight, Karl Tomlinson, Valentin Gosu, Randell Jesup, Yury Delendik, and the Mozilla Fuzzing Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"value": "Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-30T19:16:40.729Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1736385%2C1810805%2C1846328%2C1856090%2C1858033%2C1858509%2C1862089%2C1862777%2C1864015"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6864",
"datePublished": "2023-12-19T13:38:45.300Z",
"dateReserved": "2023-12-15T17:42:56.544Z",
"dateUpdated": "2024-08-02T08:42:07.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6869 (GCVE-0-2023-6869)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-05-07 20:23
VLAI?
EPSS
Summary
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.
Severity ?
6.5 (Medium)
CWE
- Content can paint outside of sandboxed iframe
Assigner
References
Credits
Oriol Brufau
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1799036"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-6869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T20:22:28.205433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T20:23:58.917Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Oriol Brufau"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A \u003ccode\u003e\u0026lt;dialog\u003e\u003c/code\u003e element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox \u003c 121."
}
],
"value": "A `\u0026lt;dialog\u003e` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Content can paint outside of sandboxed iframe",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:36.352Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1799036"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6869",
"datePublished": "2023-12-19T13:38:51.751Z",
"dateReserved": "2023-12-15T17:42:57.488Z",
"dateUpdated": "2025-05-07T20:23:58.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6872 (GCVE-0-2023-6872)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Browsing history leaked to syslogs via GNOME
Assigner
References
Credits
honorton via Tor Browser
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849186"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-21T20:34:05.924253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T19:09:08.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "honorton via Tor Browser"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox \u003c 121."
}
],
"value": "Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Browsing history leaked to syslogs via GNOME",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:52.798Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849186"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6872",
"datePublished": "2023-12-19T13:38:54.985Z",
"dateReserved": "2023-12-15T17:42:58.045Z",
"dateUpdated": "2025-02-13T17:26:57.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6856 (GCVE-0-2023-6856)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||||||||||||
|
||||||||||||||
Credits
DoHyun Lee
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843782"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "DoHyun Lee"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The WebGL \u003ccode\u003eDrawElementsInstanced\u003c/code\u003e method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"value": "The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:56.120Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843782"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6856",
"datePublished": "2023-12-19T13:38:36.493Z",
"dateReserved": "2023-12-15T17:42:54.919Z",
"dateUpdated": "2025-02-13T17:26:33.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6865 (GCVE-0-2023-6865)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Potential exposure of uninitialized data in EncryptingOutputStream
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||
Credits
Jan Varga
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jan Varga"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ccode\u003eEncryptingOutputStream\u003c/code\u003e was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
}
],
"value": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential exposure of uninitialized data in EncryptingOutputStream",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:08:03.932Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6865",
"datePublished": "2023-12-19T13:38:47.449Z",
"dateReserved": "2023-12-15T17:42:56.728Z",
"dateUpdated": "2025-02-13T17:26:38.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6861 (GCVE-0-2023-6861)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Yangkang of 360 ATA Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864118"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Yangkang of 360 ATA Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The \u003ccode\u003ensWindow::PickerOpen(void)\u003c/code\u003e method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"value": "The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:32.492Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864118"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6861",
"datePublished": "2023-12-19T13:38:42.037Z",
"dateReserved": "2023-12-15T17:42:55.948Z",
"dateUpdated": "2025-02-13T17:26:36.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6871 (GCVE-0-2023-6871)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2024-08-02 08:42
VLAI?
EPSS
Summary
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Lack of protocol handler warning in some instances
Assigner
References
Credits
Edward "JankhJankh" Prior
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828334"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Edward \"JankhJankh\" Prior"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121."
}
],
"value": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Lack of protocol handler warning in some instances",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-30T19:16:42.367Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828334"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6871",
"datePublished": "2023-12-19T13:38:53.927Z",
"dateReserved": "2023-12-15T17:42:57.870Z",
"dateUpdated": "2024-08-02T08:42:07.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50762 (GCVE-0-2023-50762)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:19
VLAI?
EPSS
Summary
When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a different context, such as a signed GIT commit, could be used to spoof an email message. This vulnerability affects Thunderbird < 115.6.
Severity ?
No CVSS data available.
CWE
- Truncated signed text was shown with a valid OpenPGP signature
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mozilla | Thunderbird |
Affected:
unspecified , < 115.6
(custom)
|
Credits
Marcus Brinkmann
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:16:47.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1862625"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcus Brinkmann"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a different context, such as a signed GIT commit, could be used to spoof an email message. This vulnerability affects Thunderbird \u003c 115.6."
}
],
"value": "When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a different context, such as a signed GIT commit, could be used to spoof an email message. This vulnerability affects Thunderbird \u003c 115.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Truncated signed text was shown with a valid OpenPGP signature",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T12:06:43.170Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1862625"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-50762",
"datePublished": "2023-12-19T13:38:34.261Z",
"dateReserved": "2023-12-12T16:29:47.908Z",
"dateUpdated": "2025-02-13T17:19:30.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6135 (GCVE-0-2023-6135)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
Severity ?
No CVSS data available.
CWE
- NSS susceptible to "Minerva" attack
Assigner
References
Credits
George Pantela (Red Hat) and Hubert Kario (Red Hat)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T18:59:00.834131Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T18:59:23.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "George Pantela (Red Hat) and Hubert Kario (Red Hat)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
}
],
"value": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NSS susceptible to \"Minerva\" attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:46.915Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1853908"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6135",
"datePublished": "2023-12-19T13:38:46.388Z",
"dateReserved": "2023-11-14T21:31:12.876Z",
"dateUpdated": "2025-02-13T17:26:05.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6863 (GCVE-0-2023-6863)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Undefined behavior in ShutdownObserver()
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Ronald Crane
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1868901"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ronald Crane"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The \u003ccode\u003eShutdownObserver()\u003c/code\u003e was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"value": "The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Undefined behavior in ShutdownObserver()",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:35.621Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1868901"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6863",
"datePublished": "2023-12-19T13:38:44.181Z",
"dateReserved": "2023-12-15T17:42:56.329Z",
"dateUpdated": "2025-02-13T17:26:37.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6873 (GCVE-0-2023-6873)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Memory safety bugs fixed in Firefox 121
Assigner
References
Credits
Andrew McCreight, Yury Delendik
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox 121",
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andrew McCreight, Yury Delendik"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 121."
}
],
"value": "Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory safety bugs fixed in Firefox 121",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:42.047Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox 121",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6873",
"datePublished": "2023-12-19T13:38:56.039Z",
"dateReserved": "2023-12-15T17:42:58.233Z",
"dateUpdated": "2025-02-13T17:26:57.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50761 (GCVE-0-2023-50761)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:19
VLAI?
EPSS
Summary
The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time. This vulnerability affects Thunderbird < 115.6.
Severity ?
No CVSS data available.
CWE
- S/MIME signature accepted despite mismatching message date
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mozilla | Thunderbird |
Affected:
unspecified , < 115.6
(custom)
|
Credits
Marcus Brinkmann
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:16:47.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1865647"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcus Brinkmann"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time. This vulnerability affects Thunderbird \u003c 115.6."
}
],
"value": "The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time. This vulnerability affects Thunderbird \u003c 115.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "S/MIME signature accepted despite mismatching message date",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T12:06:47.958Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1865647"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-50761",
"datePublished": "2023-12-19T13:38:35.397Z",
"dateReserved": "2023-12-12T16:29:47.908Z",
"dateUpdated": "2025-02-13T17:19:30.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6857 (GCVE-0-2023-6857)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary.
*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Symlinks may resolve to smaller than expected buffers
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Jed Davis
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1796023"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jed Davis"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When resolving a symlink, a race may occur where the buffer passed to \u003ccode\u003ereadlink\u003c/code\u003e may actually be smaller than necessary. \u003cbr\u003e*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"value": "When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. \n*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Symlinks may resolve to smaller than expected buffers",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:44.508Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1796023"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6857",
"datePublished": "2023-12-19T13:38:37.621Z",
"dateReserved": "2023-12-15T17:42:55.146Z",
"dateUpdated": "2025-02-13T17:26:34.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6860 (GCVE-0-2023-6860)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Potential sandbox escape due to VideoBridge lack of texture validation
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Andrew Osmond
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1854669"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andrew Osmond"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The \u003ccode\u003eVideoBridge\u003c/code\u003e allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"value": "The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential sandbox escape due to VideoBridge lack of texture validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:42.632Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1854669"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6860",
"datePublished": "2023-12-19T13:38:40.956Z",
"dateReserved": "2023-12-15T17:42:55.731Z",
"dateUpdated": "2025-02-13T17:26:36.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6866 (GCVE-0-2023-6866)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.
Severity ?
8.8 (High)
CWE
- TypedArrays lack sufficient exception handling
Assigner
References
Credits
Tom Schuster
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849037"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "firefox",
"vendor": "mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-6866",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T18:53:04.962819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T18:54:55.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tom Schuster"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox \u003c 121."
}
],
"value": "TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "TypedArrays lack sufficient exception handling",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:25.418Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849037"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6866",
"datePublished": "2023-12-19T13:38:48.512Z",
"dateReserved": "2023-12-15T17:42:56.928Z",
"dateUpdated": "2025-02-13T17:26:39.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6859 (GCVE-0-2023-6859)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Use-after-free in PR_GetIdentitiesLayer
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Irvan Kurniawan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1840144"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Irvan Kurniawan"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"value": "A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free in PR_GetIdentitiesLayer",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:19.070Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1840144"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://www.debian.org/security/2023/dsa-5582"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6859",
"datePublished": "2023-12-19T13:38:39.872Z",
"dateReserved": "2023-12-15T17:42:55.537Z",
"dateUpdated": "2025-02-13T17:26:35.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6868 (GCVE-0-2023-6868)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI?
EPSS
Summary
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.
*This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121.
Severity ?
No CVSS data available.
CWE
- WebPush requests on Firefox for Android did not require VAPID key
Assigner
References
Credits
John-Mark Gurney
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1865488"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "John-Mark Gurney"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.\u003cbr\u003e*This bug only affects Firefox on Android.* This vulnerability affects Firefox \u003c 121."
}
],
"value": "In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.\n*This bug only affects Firefox on Android.* This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "WebPush requests on Firefox for Android did not require VAPID key",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:06:51.488Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1865488"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6868",
"datePublished": "2023-12-19T13:38:50.669Z",
"dateReserved": "2023-12-15T17:42:57.290Z",
"dateUpdated": "2025-02-13T17:26:40.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…