Search for vulnerabilities
Vulnerability details: VCID-3k99-ntct-aaah
Vulnerability ID VCID-3k99-ntct-aaah
Aliases CVE-2023-5169
Summary A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5169.json
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00153 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00267 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00276 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00276 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00276 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.00307 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.01481 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
epss 0.02996 https://api.first.org/data/v1/epss?cve=CVE-2023-5169
cvssv3.1 8.8 https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
generic_textual HIGH https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-5169
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-5169
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5169.json
https://api.first.org/data/v1/epss?cve=CVE-2023-5169
https://bugzilla.mozilla.org/show_bug.cgi?id=1846685
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html
https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
https://www.debian.org/security/2023/dsa-5506
https://www.debian.org/security/2023/dsa-5513
https://www.mozilla.org/security/advisories/mfsa2023-41/
https://www.mozilla.org/security/advisories/mfsa2023-42/
https://www.mozilla.org/security/advisories/mfsa2023-43/
2240893 https://bugzilla.redhat.com/show_bug.cgi?id=2240893
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
CVE-2023-5169 https://nvd.nist.gov/vuln/detail/CVE-2023-5169
GLSA-202402-25 https://security.gentoo.org/glsa/202402-25
mfsa2023-41 https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
mfsa2023-42 https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
mfsa2023-43 https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
RHSA-2023:5426 https://access.redhat.com/errata/RHSA-2023:5426
RHSA-2023:5427 https://access.redhat.com/errata/RHSA-2023:5427
RHSA-2023:5428 https://access.redhat.com/errata/RHSA-2023:5428
RHSA-2023:5429 https://access.redhat.com/errata/RHSA-2023:5429
RHSA-2023:5430 https://access.redhat.com/errata/RHSA-2023:5430
RHSA-2023:5432 https://access.redhat.com/errata/RHSA-2023:5432
RHSA-2023:5433 https://access.redhat.com/errata/RHSA-2023:5433
RHSA-2023:5434 https://access.redhat.com/errata/RHSA-2023:5434
RHSA-2023:5435 https://access.redhat.com/errata/RHSA-2023:5435
RHSA-2023:5436 https://access.redhat.com/errata/RHSA-2023:5436
RHSA-2023:5437 https://access.redhat.com/errata/RHSA-2023:5437
RHSA-2023:5438 https://access.redhat.com/errata/RHSA-2023:5438
RHSA-2023:5439 https://access.redhat.com/errata/RHSA-2023:5439
RHSA-2023:5440 https://access.redhat.com/errata/RHSA-2023:5440
RHSA-2023:5475 https://access.redhat.com/errata/RHSA-2023:5475
RHSA-2023:5477 https://access.redhat.com/errata/RHSA-2023:5477
USN-6404-1 https://usn.ubuntu.com/6404-1/
USN-6405-1 https://usn.ubuntu.com/6405-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5169.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-5169
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-5169
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.52299
EPSS Score 0.00153
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.