CVE-2023-6856
CVSS v3.1
8.8 (High)
EPSS
0.54 % (78th)
Affected Products
4
Advisories
35
The WebGL DrawElementsInstanced
method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Weaknesses
- CWE-787
- Out-of-bounds Write
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-12-19 14:15:07
(9 months ago) - Updated Date
-
2024-02-02 02:31:59
(7 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...