CVE-2023-6868
Gentoo Linux Security Advisory 202401-10
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.
*This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121.
En algunos casos, el agente de usuario permitiría solicitudes de inserción que carecían de un VAPID válido aunque la suscripción del administrador de inserción definiera uno. Esto podría permitir que se envíen mensajes vacíos desde partes no autorizadas. *Este error solo afecta a Firefox en Android.* Esta vulnerabilidad afecta a Firefox < 121.
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. *This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121.
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could lead to remote code execution. Versions greater than or equal to 115.6.0:esr are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-12-15 CVE Reserved
- 2023-12-19 CVE Published
- 2025-02-13 CVE Updated
- 2025-06-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://security.gentoo.org/glsa/202401-10 | Third Party Advisory |
|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.mozilla.org/security/advisories/mfsa2023-56 | 2024-02-02 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | < 121.0 Search vendor "Mozilla" for product "Firefox" and version " < 121.0" | - |
Affected
| in | Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | - | - |
Safe
|