CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0767 – nss: Arbitrary memory write via PKCS 12
https://notcve.org/view.php?id=CVE-2023-0767
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. • https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html https://bugzilla.mozilla.org/show_bug.cgi?id=1804640 https://www.mozilla.org/security/advisories/mfsa2023-05 https://www.mozilla.org/security/advisories/mfsa2023-06 https://www.mozilla.org/security/advisories/mfsa2023-07 https://access.redhat.com/security/cve/CVE-2023-0767 https://bugzilla.redhat.com/show_bug.cgi?id=2170377 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25730 – Mozilla: Screen hijack via browser fullscreen mode
https://notcve.org/view.php?id=CVE-2023-25730
A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking `requestFullscreen` and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. • https://bugzilla.mozilla.org/show_bug.cgi?id=1794622 https://www.mozilla.org/security/advisories/mfsa2023-05 https://www.mozilla.org/security/advisories/mfsa2023-06 https://www.mozilla.org/security/advisories/mfsa2023-07 https://access.redhat.com/security/cve/CVE-2023-25730 https://bugzilla.redhat.com/show_bug.cgi?id=2170375 • CWE-821: Incorrect Synchronization •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25729 – Mozilla: Extensions could have opened external schemes without user knowledge
https://notcve.org/view.php?id=CVE-2023-25729
Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. The Mozilla Foundation Security Advisory describes this flaw as: Permission prompts for opening external schemes were only shown for `ContentPrincipals` resulting in extensions being able to open them without user interaction via `ExpandedPrincipals`. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. • https://bugzilla.mozilla.org/show_bug.cgi?id=1792138 https://www.mozilla.org/security/advisories/mfsa2023-05 https://www.mozilla.org/security/advisories/mfsa2023-06 https://www.mozilla.org/security/advisories/mfsa2023-07 https://access.redhat.com/security/cve/CVE-2023-25729 https://bugzilla.redhat.com/show_bug.cgi?id=2170382 • CWE-84: Improper Neutralization of Encoded URI Schemes in a Web Page •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0430 – Mozilla: Revocation status of S/Mime signature certificates was not checked
https://notcve.org/view.php?id=CVE-2023-0430
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird < 102.7.1. The Mozilla Foundation Security Advisory describes this flaw as: Certificate OCSP revocation status was not checked when verifying S/Mime signatures. • https://bugzilla.mozilla.org/show_bug.cgi?id=1769000 https://www.mozilla.org/security/advisories/mfsa2023-04 https://access.redhat.com/security/cve/CVE-2023-0430 https://bugzilla.redhat.com/show_bug.cgi?id=2166591 • CWE-295: Improper Certificate Validation CWE-299: Improper Check for Certificate Revocation •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-23599 – Mozilla: Malicious command could be hidden in devtools output
https://notcve.org/view.php?id=CVE-2023-23599
When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. • https://bugzilla.mozilla.org/show_bug.cgi?id=1777800 https://www.mozilla.org/security/advisories/mfsa2023-01 https://www.mozilla.org/security/advisories/mfsa2023-02 https://www.mozilla.org/security/advisories/mfsa2023-03 https://access.redhat.com/security/cve/CVE-2023-23599 https://bugzilla.redhat.com/show_bug.cgi?id=2162339 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-116: Improper Encoding or Escaping of Output •