CVE-2023-23597
CVSS v3.1
6.5 (Medium)
EPSS
0.16 % (53th)
Affected Products
1
Advisories
3
A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefox < 109.
Weaknesses
- CWE-326
- Inadequate Encryption Strength
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-06-02 17:15:10
(15 months ago) - Updated Date
-
2023-06-08 17:53:40
(15 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...