CVE-2023-4048

CVSS v3.1 7.5 (High)

EPSS 0.24 % (62^th)

Affected Products 3

Advisories 36

An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Weaknesses

CWE-125: Out-of-bounds Read

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2023-08-01 15:15:09
(13 months ago)
Updated Date: 2023-08-11 20:03:47
(13 months ago)

Affected Products

Debian

Debian Linux

Mozilla

Configuration #1

	CPE23	From	Up To
Mozilla Firefox prior 116.0 version	cpe:2.3:a:mozilla:firefox		< 116.0
Mozilla Firefox Esr from 102.0 version and prior 102.14 version	cpe:2.3:a:mozilla:firefox_esr	>= 102.0	< 102.14
Mozilla Firefox Esr from 115.0 version and prior 115.1 version	cpe:2.3:a:mozilla:firefox_esr	>= 115.0	< 115.1

Configuration #2

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0
	Debian Linux 12.0	cpe:2.3:o:debian:debian_linux:12.0