CVE-2023-5725
25.10.2023, 18:17
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 119.0 |
| mozilla | firefox_esr | 𝑥 < 115.4 |
| mozilla | thunderbird | 𝑥 < 115.4.1 |
| debian | debian_linux | 10.0 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||
| firefox-esr |
| ||||||||||||
| thunderbird |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||||||
| mozjs102 |
| ||||||||||||||||
| mozjs38 |
| ||||||||||||||||
| mozjs52 |
| ||||||||||||||||
| mozjs68 |
| ||||||||||||||||
| mozjs78 |
| ||||||||||||||||
| mozjs91 |
| ||||||||||||||||
| thunderbird |
|
References