Home > Vulnerability Database > CVE-2023-25752

Mend.io Vulnerability Database

CVE-2023-25752

Date: June 1, 2023

When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

Language: C++

Severity Score

6.5

Related Resources (9)

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2023-25752

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-25752

Url: https://www.mozilla.org/security/advisories/mfsa2023-09/

Url: https://access.redhat.com/security/cve/CVE-2023-25752

Url: https://security-tracker.debian.org/tracker/CVE-2023-25752

Url: https://www.mozilla.org/security/advisories/mfsa2023-11/

Url: https://www.mozilla.org/security/advisories/mfsa2023-10/

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1811627

Url: https://www.mend.io/vulnerability-database/CVE-2023-25752

Severity Score

6.5

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-25752

Date: June 1, 2023

Language: C++

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?