CVE-2023-6862

CVSS v3.1 8.8 (High)

EPSS 0.10 % (42^th)

Affected Products 3

Advisories 33

A use-after-free was identified in the nsDNSService::Init. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

Weaknesses

CWE-416: Use After Free

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2023-12-19 14:15:07
(9 months ago)
Updated Date: 2024-02-02 02:42:37
(7 months ago)

Affected Products

Debian

Debian Linux

Mozilla

Firefox Esr
Thunderbird

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox Esr prior 115.6 version	cpe:2.3:a:mozilla:firefox_esr		< 115.6
	Mozilla Thunderbird prior 115.6 version	cpe:2.3:a:mozilla:thunderbird		< 115.6

Configuration #2

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0
	Debian Linux 12.0	cpe:2.3:o:debian:debian_linux:12.0