VulnerableCode Package Details - pkg:mozilla/Firefox%20ESR@115.3.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:mozilla/Firefox%20ESR@115.3.1

purl	pkg:mozilla/Firefox%20ESR@115.3.1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-ghpk-c1e6-pkae	Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.	CVE-2023-5217 GHSA-qqvq-6xgj-jw8g

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-01T19:54:29.689184+00:00	Mozilla Importer	Fixing	VCID-ghpk-c1e6-pkae	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2023/mfsa2023-44.yml	38.6.0