VDB
GCVE-VVD-MAGEIA-2024-12
GCVE-VVD-MAGEIA-2024-12
Advisory Published
The updated packages fix security vulnerabilities
Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with
Mesa VM driver. (CVE-2023-6856)
Potential exposure of uninitialized data in EncryptingOutputStream.
(CVE-2023-6865)
Symlinks may resolve to smaller than expected buffers. (CVE-2023-6857)
Heap buffer overflow in nsTextFragment. (CVE-2023-6858)
Use-after-free in PR_GetIdentitiesLayer. (CVE-2023-6859)
Potential sandbox escape due to VideoBridge lack of texture validation.
(CVE-2023-6860)
Clickjacking permission prompts using the popup transition.
(CVE-2023-6867)
Heap buffer overflow affected nsWindow::PickerOpen(void) in headless
mode. (CVE-2023-6861)
Use-after-free in nsDNSService. (CVE-2023-6862)
Undefined behavior in ShutdownObserver(). (CVE-2023-6863)
Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and
Thunderbird 115.6. (CVE-2023-6864)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | amdgpupro-opencl-pal | 0 (affected), 20.20-0.1089974.2.1.mga9.nonfree (unaffected) | — |
| Mageia | firefox | 0 (affected), 115.6.0-1.mga9 (unaffected), 0 (affected), 115.6.0-1.mga9 (unaffected) | — |
| Mageia | firefox-l10n | 0 (affected), 115.6.0-1.mga9 (unaffected), 0 (affected), 115.6.0-1.mga9 (unaffected) | — |
| Mageia | nss | 0 (affected), 3.96.1-1.mga9 (unaffected), 0 (affected), 3.96.1-1.mga9 (unaffected) | — |
References
Browse GCVE Records
100 records in the GCVE database · Updated April 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.