9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.65 Medium
EPSS
Percentile
97.9%
Use-after-free in workers. (CVE-2023-3600) File Extension Spoofing using the Text Direction Override Character. (CVE-2023-3417) Offscreen Canvas could have bypassed cross-origin restrictions. (CVE-2023-4045) Incorrect value used during WASM compilation. (CVE-2023-4046) Potential permissions request bypass via clickjacking. (CVE-2023-4047) Crash in DOMParser due to out-of-memory conditions. (CVE-2023-4048) Fix potential race conditions when releasing platform objects. (CVE-2023-4049) Stack buffer overflow in StorageManager. (CVE-2023-4050) Cookie jar overflow caused unexpected cookie jar state. (CVE-2023-4055) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14. (CVE-2023-4056) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. (CVE-2023-4057) Memory corruption in IPC CanvasTranslator. (CVE-2023-4573) Memory corruption in IPC ColorPickerShownCallback. (CVE-2023-4574) Memory corruption in IPC FilePickerShownCallback. (CVE-2023-4575) Integer Overflow in RecordedSourceSurfaceCreation. (CVE-2023-4576) Memory corruption in JIT UpdateRegExpStatics. (CVE-2023-4577) Full screen notification obscured by file open dialog. (CVE-2023-4051) Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception. (CVE-2023-4578) Full screen notification obscured by external program. (CVE-2023-4053) Push notifications saved to disk unencrypted. (CVE-2023-4580) XLL file extensions were downloadable without warnings. (CVE-2023-4581) Browsing Context potentially not cleared when closing Private Window. (CVE-2023-4583) Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2. (CVE-2023-4584) Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. (CVE-2023-4585) Heap buffer overflow in libwebp. (CVE-2023-4863)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | rootcerts | < 20230720.00-1 | rootcerts-20230720.00-1.mga8 |
Mageia | 8 | noarch | nss | < 3.93.0-1 | nss-3.93.0-1.mga8 |
Mageia | 8 | noarch | firefox | < 102.15.1-1 | firefox-102.15.1-1.mga8 |
Mageia | 8 | noarch | firefox-l10n | < 102.15.1-1 | firefox-l10n-102.15.1-1.mga8 |
Mageia | 8 | noarch | thunderbird | < 102.15.1-1 | thunderbird-102.15.1-1.mga8 |
Mageia | 8 | noarch | thunderbird-l10n | < 102.15.1-1 | thunderbird-l10n-102.15.1-1.mga8 |
Mageia | 9 | noarch | rootcerts | < 20230720.00-1 | rootcerts-20230720.00-1.mga9 |
Mageia | 9 | noarch | nss | < 3.93.0-1 | nss-3.93.0-1.mga9 |
Mageia | 9 | noarch | firefox | < 115.2.1-1 | firefox-115.2.1-1.mga9 |
Mageia | 9 | noarch | firefox-l10n | < 115.2.1-1 | firefox-l10n-115.2.1-1.mga9 |
bugs.mageia.org/show_bug.cgi?id=32258
firefox-source-docs.mozilla.org/security/nss/releases/index.html
firefox-source-docs.mozilla.org/security/nss/releases/nss_3_93.html
www.mozilla.org/en-US/firefox/115.0.1/releasenotes/
www.mozilla.org/en-US/firefox/115.0.2/releasenotes/
www.mozilla.org/en-US/firefox/115.0.3/releasenotes/
www.mozilla.org/en-US/firefox/115.1.0/releasenotes/
www.mozilla.org/en-US/firefox/115.2.0/releasenotes/
www.mozilla.org/en-US/firefox/115.2.1/releasenotes/
www.mozilla.org/en-US/security/advisories/mfsa2023-26/
www.mozilla.org/en-US/security/advisories/mfsa2023-27/
www.mozilla.org/en-US/security/advisories/mfsa2023-31/
www.mozilla.org/en-US/security/advisories/mfsa2023-33/
www.mozilla.org/en-US/security/advisories/mfsa2023-36/
www.mozilla.org/en-US/security/advisories/mfsa2023-38/
www.mozilla.org/en-US/security/advisories/mfsa2023-40/
www.thunderbird.net/en-US/thunderbird/115.0.1/releasenotes/
www.thunderbird.net/en-US/thunderbird/115.0/releasenotes/
www.thunderbird.net/en-US/thunderbird/115.1.0/releasenotes/
www.thunderbird.net/en-US/thunderbird/115.1.1/releasenotes/
www.thunderbird.net/en-US/thunderbird/115.2.0/releasenotes/
www.thunderbird.net/en-US/thunderbird/115.2.1/releasenotes/
www.thunderbird.net/en-US/thunderbird/115.2.2/releasenotes/