Описание
When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 110.0-1 | package | |
| firefox-esr | fixed | 102.8.0esr-1 | package | |
| thunderbird | fixed | 1:102.8.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25742
https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25742
https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25742
EPSS
Связанные уязвимости
When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с ошибками при импорте открытого ключа SPKI RSA в качестве ECDSA P-256, позволяющая нарушителю привести к сбою вкладки
EPSS