Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-25739HistoryJun 02, 2023 - 5:15 p.m.
CVE-2023-25739
2023-06-0217:15:11
Alpine Linux Development Team
security.alpinelinux.org
12
cve-2023-25739
scriptloadcontext
use-after-free
unix
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0.002
Percentile
58.9%
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | firefox-esr | < 102.8.0-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | firefox-esr | < 102.8.0-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | firefox-esr | < 102.8.0-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | firefox-esr | < 102.8.0-r0 | UNKNOWN |
Related
veracode
veracode
Denial Of Service (DoS)
2023-02-25 20:49:42
prion
prion
Code injection
2023-06-02 17:15:00
ubuntucve
ubuntucve
CVE-2023-25739
2023-02-15 00:00:00
cve
cve
CVE-2023-25739
2023-06-02 17:15:11
debiancve
debiancve
CVE-2023-25739
2023-06-02 17:15:11
redhatcve
redhatcve
CVE-2023-25739
2023-02-16 09:31:18
cvelist
cvelist
CVE-2023-25739
2023-06-02 00:00:00
nvd
nvd
CVE-2023-25739
2023-06-02 17:15:11
altlinux
altlinux
Security fix for the ALT Linux 10 package palemoon version 2:32.0.1-alt1
2023-03-16 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 102.8.0-alt1
2023-03-10 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 102.8.0-alt1
2023-03-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6120-1)
2023-05-31 00:00:00
Mozilla Firefox ESR Security Advisories (MFSA2023-05, MFSA2023-06) - Windows
2023-03-03 00:00:00
Mageia: Security Advisory (MGASA-2023-0057)
2023-03-28 00:00:00
ubuntu
ubuntu
SpiderMonkey vulnerabilities
2023-05-30 00:00:00
Thunderbird vulnerabilities
2023-03-13 00:00:00
Firefox regressions
2023-03-01 00:00:00
osv
osv
mozjs102 vulnerabilities
2023-05-30 14:32:35
firefox-esr - security update
2023-02-16 00:00:00
thunderbird vulnerabilities
2023-03-13 04:00:01
nessus
nessus
Ubuntu 22.04 LTS / 23.04 : SpiderMonkey vulnerabilities (USN-6120-1)
2023-05-30 00:00:00
RHEL 9 : firefox (RHSA-2023:0809)
2023-02-20 00:00:00
RHEL 8 : firefox (RHSA-2023:0811)
2023-02-20 00:00:00
redhat
redhat
(RHSA-2023:0808) Important: firefox security update
2023-02-20 07:59:06
(RHSA-2023:0810) Important: firefox security update
2023-02-20 07:59:15
(RHSA-2023:0811) Important: firefox security update
2023-02-20 08:00:07
debian
debian
[SECURITY] [DSA 5350-1] firefox-esr security update
2023-02-15 22:15:01
[SECURITY] [DLA 3319-1] firefox-esr security update
2023-02-16 11:30:55
[SECURITY] [DSA 5355-1] thunderbird security update
2023-02-18 18:55:02
centos
centos
firefox security update
2023-02-22 17:50:01
thunderbird security update
2023-02-22 17:48:54
mageia
mageia
Updated firefox packages fix security vulnerability
2023-02-21 00:25:36
Updated thunderbird packages fix security vulnerability
2023-02-21 00:25:36
almalinux
almalinux
Important: firefox security update
2023-02-20 00:00:00
Important: thunderbird security update
2023-02-20 00:00:00
Important: firefox security update
2023-02-20 00:00:00
oraclelinux
oraclelinux
firefox security update
2023-02-21 00:00:00
firefox security update
2023-02-20 00:00:00
firefox security update
2023-02-20 00:00:00
rocky
rocky
firefox security update
2023-02-22 01:09:41
firefox security update
2023-02-22 01:08:53
thunderbird security update
2023-02-22 01:08:53
redos
redos
ROS-20230315-01
2023-03-15 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 102.8 — Mozilla
2023-02-14 00:00:00
Security Vulnerabilities fixed in Thunderbird 102.8 — Mozilla
2023-02-15 00:00:00
Security Vulnerabilities fixed in Firefox 110 — Mozilla
2023-02-14 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2023-02-16 22:10:42
[slackware-security] mozilla-firefox
2023-02-15 03:05:52
amazon
amazon
Important: thunderbird
2023-03-02 22:36:00
Important: thunderbird
2023-03-02 22:36:00
kaspersky
kaspersky
KLA20238 Multiple vulnerabilities in Mozilla Firefox ESR
2023-02-14 00:00:00
KLA20239 Multiple vulnerabilities in Mozilla Thunderbird
2023-02-15 00:00:00
KLA20237 Multiple vulnerabilities in Mozilla Firefox
2023-02-14 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2023-05-30 00:00:00
Mozilla Firefox: Multiple Vulnerabilities
2023-05-30 00:00:00
ibm
ibm
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0035
2023-06-22 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0.002
Percentile
58.9%
Related for ALPINE:CVE-2023-25739