Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-4049HistoryAug 01, 2023 - 3:15 p.m.
CVE-2023-4049
2023-08-0115:15:10
Debian Security Bug Tracker
security-tracker.debian.org
12
race condition
reference counting
use-after-free
firefox
vulnerability
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
50.6%
Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 116.0-1 | firefox_116.0-1_all.deb |
| Debian | 12 | all | firefox-esr | < 102.14.0esr-1~deb12u1 | firefox-esr_102.14.0esr-1~deb12u1_all.deb |
| Debian | 11 | all | firefox-esr | < 102.14.0esr-1~deb11u1 | firefox-esr_102.14.0esr-1~deb11u1_all.deb |
| Debian | 999 | all | firefox-esr | < 115.1.0esr-1 | firefox-esr_115.1.0esr-1_all.deb |
| Debian | 13 | all | firefox-esr | < 115.1.0esr-1 | firefox-esr_115.1.0esr-1_all.deb |
| Debian | 12 | all | thunderbird | < 1:102.14.0-1~deb12u1 | thunderbird_1:102.14.0-1~deb12u1_all.deb |
| Debian | 11 | all | thunderbird | < 1:102.14.0-1~deb11u1 | thunderbird_1:102.14.0-1~deb11u1_all.deb |
| Debian | 999 | all | thunderbird | < 1:115.1.0-1 | thunderbird_1:115.1.0-1_all.deb |
| Debian | 13 | all | thunderbird | < 1:115.1.0-1 | thunderbird_1:115.1.0-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2023-4049
2023-08-01 00:00:00
alpinelinux
alpinelinux
CVE-2023-4049
2023-08-01 15:15:10
cve
cve
CVE-2023-4049
2023-08-01 15:15:10
veracode
veracode
Denial Of Service (DoS)
2023-08-06 12:05:38
prion
prion
Race condition
2023-08-01 15:15:00
cvelist
cvelist
CVE-2023-4049
2023-08-01 14:58:07
cnvd
cnvd
Mozilla Firefox and Firefox ESR Competitive Conditions Issue Vulnerability
2023-08-03 00:00:00
redhatcve
redhatcve
CVE-2023-4049
2023-08-02 08:28:20
nvd
nvd
CVE-2023-4049
2023-08-01 15:15:10
nessus
nessus
Amazon Linux 2 : firefox (ALASFIREFOX-2023-002)
2023-09-27 00:00:00
Debian DSA-5464-1 : firefox-esr - security update
2023-08-04 00:00:00
Debian DLA-3523-1 : firefox-esr - LTS security update
2023-08-09 00:00:00
debian
debian
[SECURITY] [DLA 3523-1] firefox-esr security update
2023-08-09 19:05:02
[SECURITY] [DSA 5464-1] firefox-esr security update
2023-08-03 17:27:01
[SECURITY] [DLA 3521-1] thunderbird security update
2023-08-08 10:13:27
osv
osv
firefox-esr - security update
2023-08-09 00:00:00
thunderbird - security update
2023-08-05 00:00:00
firefox-esr - security update
2023-08-03 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3523-1)
2023-08-10 00:00:00
Debian: Security Advisory (DLA-3521-1)
2023-08-09 00:00:00
Debian: Security Advisory (DSA-5464-1)
2023-08-04 00:00:00
almalinux
almalinux
Important: firefox security update
2023-08-03 00:00:00
Important: firefox security update
2023-08-03 00:00:00
Important: thunderbird security update
2023-08-07 00:00:00
redhat
redhat
(RHSA-2023:4464) Important: firefox security update
2023-08-03 12:41:38
(RHSA-2023:4461) Important: firefox security update
2023-08-03 12:32:03
(RHSA-2023:4465) Important: firefox security update
2023-08-03 12:42:58
kaspersky
kaspersky
KLA51574 Multiple vulnerabilities in Mozilla Firefox ESR
2023-08-01 00:00:00
KLA51618 Multiple vulnerabilities in Mozilla Thunderbird
2023-08-02 00:00:00
KLA51619 Multiple vulnerabilities in Mozilla Firefox ESR
2023-08-01 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2023-09-04 00:00:00
Firefox vulnerabilities
2023-08-02 00:00:00
Firefox regressions
2023-08-08 00:00:00
oraclelinux
oraclelinux
firefox security update
2023-08-06 00:00:00
firefox security update
2023-08-04 00:00:00
firefox security update
2023-08-04 00:00:00
rocky
rocky
firefox security update
2023-08-08 12:34:07
firefox security update
2023-08-08 12:35:00
thunderbird security update
2023-08-08 12:34:39
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 102.14 — Mozilla
2023-08-01 00:00:00
Security Vulnerabilities fixed in Thunderbird 102.14 — Mozilla
2023-08-02 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.1 — Mozilla
2023-08-02 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2233
2023-09-12 11:49:48
Advisory ROSA-SA-2023-2232
2023-09-12 11:49:20
slackware
slackware
[slackware-security] mozilla-firefox
2023-08-04 20:52:54
redos
redos
ROS-20230919-04
2023-09-19 00:00:00
ROS-20230908-07
2023-09-08 00:00:00
mageia
mageia
Updated firefox/thunderbird packages fix security vulnerability
2023-09-25 01:16:18
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-02-19 00:00:00
ibm
ibm
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
50.6%
Related for DEBIANCVE:CVE-2023-4049