CVE-2023-6862

Опубликовано: 19 дек. 2023

Источник: debian

EPSS Низкий

Описание

A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
firefox-esr	fixed	115.6.0esr-1		package
thunderbird	fixed	1:115.6.0-1		package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6862
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6862

EPSS

Процентиль: 56%

0.00337

Низкий

Связанные уязвимости

CVE-2023-6862

CVSS3: 8.8

ubuntu

больше 1 года назад

A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

CVE-2023-6862

CVSS3: 8.8

redhat

больше 1 года назад

A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

CVE-2023-6862

CVSS3: 8.8

nvd

больше 1 года назад

A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

GHSA-5x56-7cpg-238g

CVSS3: 8.8

github

больше 1 года назад

A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

BDU:2023-09062

CVSS3: 8.8

fstec

больше 1 года назад

Уязвимость файла nsDNSService::Init браузера Mozilla Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 56%

0.00337

Низкий