CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
62.3%
firefox and thunderbird are vulnerable to Denial of Service (DoS) attacks. The vulnerability occurs when Firefox parses HTML with DOMParser in low memory situations which could lead to an application crash due to out-of-bounds reads.
bugzilla.mozilla.org/show_bug.cgi?id=1841368
lists.debian.org/debian-lts-announce/2023/08/msg00008.html
lists.debian.org/debian-lts-announce/2023/08/msg00010.html
security-tracker.debian.org/tracker/CVE-2023-4048
www.debian.org/security/2023/dsa-5464
www.debian.org/security/2023/dsa-5469
www.mozilla.org/security/advisories/mfsa2023-29/
www.mozilla.org/security/advisories/mfsa2023-30/
www.mozilla.org/security/advisories/mfsa2023-31/