CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-29536 – Mozilla: Invalid free from JavaScript code
https://notcve.org/view.php?id=CVE-2023-29536
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1821959 https://www.mozilla.org/security/advisories/mfsa2023-13 https://www.mozilla.org/security/advisories/mfsa2023-14 https://www.mozilla.org/security/advisories/mfsa2023-15 https://access.redhat.com/security/cve/CVE-2023-29536 https://bugzilla.redhat.com/show_bug.cgi?id=2186104 • CWE-416: Use After Free CWE-617: Reachable Assertion •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-29538
https://notcve.org/view.php?id=CVE-2023-29538
Under specific circumstances a WebExtension may have received a <code>jar:file:///</code> URI instead of a <code>moz-extension:///</code> URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. • https://bugzilla.mozilla.org/show_bug.cgi?id=1685403 https://www.mozilla.org/security/advisories/mfsa2023-13 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28161
https://notcve.org/view.php?id=CVE-2023-28161
If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from different sources, such as in a download directory. This vulnerability affects Firefox < 111. • https://bugzilla.mozilla.org/show_bug.cgi?id=1811181 https://www.mozilla.org/security/advisories/mfsa2023-09 • CWE-281: Improper Preservation of Permissions •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25750
https://notcve.org/view.php?id=CVE-2023-25750
Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox < 111. • https://bugzilla.mozilla.org/show_bug.cgi?id=1814733 https://www.mozilla.org/security/advisories/mfsa2023-09 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28160
https://notcve.org/view.php?id=CVE-2023-28160
When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox < 111. • https://bugzilla.mozilla.org/show_bug.cgi?id=1802385 https://www.mozilla.org/security/advisories/mfsa2023-09 •