CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25751 – Mozilla: Incorrect code generation during JIT compilation
https://notcve.org/view.php?id=CVE-2023-25751
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. • https://bugzilla.mozilla.org/show_bug.cgi?id=1814899 https://www.mozilla.org/security/advisories/mfsa2023-09 https://www.mozilla.org/security/advisories/mfsa2023-10 https://www.mozilla.org/security/advisories/mfsa2023-11 https://access.redhat.com/security/cve/CVE-2023-25751 https://bugzilla.redhat.com/show_bug.cgi?id=2178458 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28162 – Mozilla: Invalid downcast in Worklets
https://notcve.org/view.php?id=CVE-2023-28162
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. The Mozilla Foundation Security Advisory describes this flaw as: While implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1811327 https://www.mozilla.org/security/advisories/mfsa2023-09 https://www.mozilla.org/security/advisories/mfsa2023-10 https://www.mozilla.org/security/advisories/mfsa2023-11 https://access.redhat.com/security/cve/CVE-2023-28162 https://bugzilla.redhat.com/show_bug.cgi?id=2178466 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25752 – Mozilla: Potential out-of-bounds when accessing throttled streams
https://notcve.org/view.php?id=CVE-2023-25752
When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. • https://bugzilla.mozilla.org/show_bug.cgi?id=1811627 https://www.mozilla.org/security/advisories/mfsa2023-09 https://www.mozilla.org/security/advisories/mfsa2023-10 https://www.mozilla.org/security/advisories/mfsa2023-11 https://access.redhat.com/security/cve/CVE-2023-25752 https://bugzilla.redhat.com/show_bug.cgi?id=2178460 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25737 – Mozilla: Invalid downcast in SVGUtils::SetupStrokeGeometry
https://notcve.org/view.php?id=CVE-2023-25737
An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. The Mozilla Foundation Security Advisory describes this flaw as: An invalid downcast from `nsTextNode` to `SVGElement` could have lead to undefined behavior. • https://bugzilla.mozilla.org/show_bug.cgi?id=1811464 https://www.mozilla.org/security/advisories/mfsa2023-05 https://www.mozilla.org/security/advisories/mfsa2023-06 https://www.mozilla.org/security/advisories/mfsa2023-07 https://access.redhat.com/security/cve/CVE-2023-25737 https://bugzilla.redhat.com/show_bug.cgi?id=2170379 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25730 – Mozilla: Screen hijack via browser fullscreen mode
https://notcve.org/view.php?id=CVE-2023-25730
A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking `requestFullscreen` and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. • https://bugzilla.mozilla.org/show_bug.cgi?id=1794622 https://www.mozilla.org/security/advisories/mfsa2023-05 https://www.mozilla.org/security/advisories/mfsa2023-06 https://www.mozilla.org/security/advisories/mfsa2023-07 https://access.redhat.com/security/cve/CVE-2023-25730 https://bugzilla.redhat.com/show_bug.cgi?id=2170375 • CWE-821: Incorrect Synchronization •