VDB
CVE-2023-29538
CVE-2023-29538
PUBLISHED
In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gründen zählen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuführen, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.15% · 35.2th percentile
Risk Scores
EPSS Score
0.15%
35.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Xerox FreeFlow Print Server v2 | |
| Red Hat | Red Hat Enterprise Linux | |
| Amazon | Amazon Linux 2 | |
| Debian | Debian Linux | |
| SUSE | SUSE Linux | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle Linux | |
| Open Source | Open Source CentOS | |
| Gentoo | Gentoo Linux | |
| Fedora | Fedora Linux |
Timeline
- Apr 11, 2023 CVE Published
- Jun 3, 2023 EPSS Score
- Jul 9, 2023 EPSS Score
- Aug 14, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Sep 27, 2023 CVE Updated
- Oct 24, 2023 EPSS Score
- Nov 29, 2023 EPSS Score
- Jan 4, 2024 EPSS Score
- Feb 9, 2024 EPSS Score
- Mar 16, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0941.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0941 advisory
- https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-006.html advisory
- https://securitydocs.business.xerox.com/wp-content/uploads/2023/06/Xerox-Security-Bulletin-XRX23-010-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v2_Windows%C2%AE-10.pdf advisory
- https://security.gentoo.org/glsa/202305-36 advisory
- https://security.gentoo.org/glsa/202305-35 advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2028.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-April/014672.html advisory
- https://ubuntu.com/security/notices/USN-6010-3 advisory
- https://lists.centos.org/pipermail/centos-announce/2023-April/086396.html advisory
- https://lists.centos.org/pipermail/centos-announce/2023-April/086395.html advisory
- https://lists.debian.org/debian-lts-announce/2023/04/msg00027.html advisory
- https://www.debian.org/security/2023/dsa-5392 advisory
- https://oss.oracle.com/pipermail/el-errata/2023-April/013926.html advisory
- https://access.redhat.com/errata/RHSA-2023:1802 advisory
- https://access.redhat.com/errata/RHSA-2023:1811 advisory
- https://access.redhat.com/errata/RHSA-2023:1809 advisory
- https://access.redhat.com/errata/RHSA-2023:1805 advisory
- https://access.redhat.com/errata/RHSA-2023:1804 advisory
- https://access.redhat.com/errata/RHSA-2023:1806 advisory
…and 30 more