Lucene search
MozillaCVELIST:CVE-2023-6868HistoryDec 19, 2023 - 1:38 p.m.
CVE-2023-6868
2023-12-1913:38:50
mozilla
www.cve.org
12
cve-2023-6868
user-agent
push requests
vapid
empty messages
unauthorized parties
firefox
android
vulnerability
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.
This bug only affects Firefox on Android. This vulnerability affects Firefox < 121.
CNA Affected
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-6868
2023-12-19 14:15:07
debiancve
debiancve
CVE-2023-6868
2023-12-19 14:15:07
prion
prion
Design/Logic Flaw
2023-12-19 14:15:00
cve
cve
CVE-2023-6868
2023-12-19 14:15:07
alpinelinux
alpinelinux
CVE-2023-6868
2023-12-19 14:15:07
ubuntucve
ubuntucve
CVE-2023-6868
2023-12-19 00:00:00
kaspersky
kaspersky
KLA62517 Multiple vulnerabilities in Mozilla Firefox
2023-12-19 00:00:00
nessus
nessus
Fedora 39 : firefox / nss (2023-9de52d46bd)
2023-12-21 00:00:00
Mozilla Firefox < 121.0
2023-12-19 00:00:00
Fedora 38 : firefox / nss (2023-983329cf45)
2023-12-21 00:00:00
osv
osv
MozillaFirefox-121.0-1.1 on GA media
2024-06-15 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 121 — Mozilla
2023-12-19 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple Vulnerabilities
2024-01-07 00:00:00