VDB
WID-SEC-W-2023-2514
WID-SEC-W-2023-2514
PUBLISHED
Firefox ist ein Open Source Web Browser. ESR ist die Variante mit verlängertem Support.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla Firefox ESR 115.3.1 | ||
| Red Hat Enterprise Linux | ||
| Ubuntu Linux | ||
| Mozilla Firefox <118.0.1 | ||
| Mozilla Firefox 118.0.1 | ||
| Fedora Linux | ||
| Xerox FreeFlow Print Server v9 | ||
| Xerox FreeFlow Print Server v7 | ||
| SUSE Linux | ||
| Mozilla Firefox Focus for Android <118.1.0 | ||
| Debian Linux | ||
| Mozilla Firefox for Android <118.1.0 | ||
| Mozilla Firefox for Android 118.1.0 | ||
| IGEL OS 11 | ||
| Mozilla Firefox Focus for Android 118.1.0 | ||
| Mozilla Firefox ESR <115.3.1 | ||
| IGEL OS 12 | ||
| Xerox FreeFlow Print Server v2 / Windows 10 | ||
| SUSE openSUSE | ||
| Oracle Linux |
Exploit Intelligence
- Trinadh465/platform_external_libvpx_v1.4.0_CVE-2023-5217 (github-poc)
- Trinadh465/platform_external_libvpx_v1.8.0_CVE-2023-5217 (github-poc)
- A PoC to trigger CVE-2023-5217 from the Browser WebCodecs or MediaRecorder interface. (github-poc)
- https://access.redhat.com/errata/RHSA-2023:5433 (circl)
- https://access.redhat.com/errata/RHSA-2023:5434 (circl)
- https://access.redhat.com/errata/RHSA-2023:5477 (circl)
- https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html (circl)
- https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html (circl)
- https://www.debian.org/security/2023/dsa-5509 (circl)
- https://ubuntu.com/security/notices/USN-6404-1 (circl)
…and 35 more exploits
Timeline
- Sep 28, 2023 CVE Published
- Dec 15, 2024 CVE Updated
- Apr 28, 2025 PoC Published
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2514.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2514 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/ url
- https://lists.debian.org/debian-security-announce/2023/msg00203.html url
- https://www.debian.org/security/2023/dsa-5510 url
- https://lists.debian.org/debian-security-announce/2023/msg00202.html url
- https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html url
- https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html url
- https://www.debian.org/security/2023/dsa-5509 url
- https://ubuntu.com/security/notices/USN-6404-1 url
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016491.html url
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016485.html url
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016494.html url
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016492.html url
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016484.html url
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016490.html url
- https://ubuntu.com/security/notices/USN-6403-1 url
- https://access.redhat.com/errata/RHSA-2023:5436 url
- https://access.redhat.com/errata/RHSA-2023:5426 url
- https://access.redhat.com/errata/RHSA-2023:5440 url
…and 16 more