VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-4wvx-r8ap-aaaf

Essentials
Severities (109)
References (57)
Severity details (24)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-4wvx-r8ap-aaaf
Aliases	CVE-2023-6858
Summary	Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-787	Out-of-bounds Write
CWE-122	Heap-based Buffer Overflow

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6858.json
epss	0.00099	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00106	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00106	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00124	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00178	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.0028	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.00381	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.01843	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
epss	0.03984	https://api.first.org/data/v1/epss?cve=CVE-2023-6858
cvssv3.1	8.8	https://bugzilla.mozilla.org/show_bug.cgi?id=1826791
ssvc	Track	https://bugzilla.mozilla.org/show_bug.cgi?id=1826791
cvssv3.1	8.8	https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
cvssv3.1	8.8	https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
cvssv3	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-6858
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-6858
cvssv3.1	8.8	https://security.gentoo.org/glsa/202401-10
ssvc	Track	https://security.gentoo.org/glsa/202401-10
cvssv3.1	8.8	https://www.debian.org/security/2023/dsa-5581
ssvc	Track	https://www.debian.org/security/2023/dsa-5581
cvssv3.1	8.8	https://www.debian.org/security/2023/dsa-5582
ssvc	Track	https://www.debian.org/security/2023/dsa-5582
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2023-54
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2023-55
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2023-56
cvssv3.1	8.8	https://www.mozilla.org/security/advisories/mfsa2023-54/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2023-54/
cvssv3.1	8.8	https://www.mozilla.org/security/advisories/mfsa2023-55/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2023-55/
cvssv3.1	8.8	https://www.mozilla.org/security/advisories/mfsa2023-56/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2023-56/

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6858.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-6858
		https://bugzilla.mozilla.org/show_bug.cgi?id=1826791
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
		https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
		https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
		https://www.debian.org/security/2023/dsa-5581
		https://www.debian.org/security/2023/dsa-5582
		https://www.mozilla.org/security/advisories/mfsa2023-54/
		https://www.mozilla.org/security/advisories/mfsa2023-55/
		https://www.mozilla.org/security/advisories/mfsa2023-56/
2255363		https://bugzilla.redhat.com/show_bug.cgi?id=2255363
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:debian:debian_linux:10.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
cpe:2.3:o:debian:debian_linux:11.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:::::::*
cpe:2.3:o:debian:debian_linux:12.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:::::::*
CVE-2023-6858		https://nvd.nist.gov/vuln/detail/CVE-2023-6858
GLSA-202401-10		https://security.gentoo.org/glsa/202401-10
GLSA-202402-25		https://security.gentoo.org/glsa/202402-25
mfsa2023-54		https://www.mozilla.org/en-US/security/advisories/mfsa2023-54
mfsa2023-55		https://www.mozilla.org/en-US/security/advisories/mfsa2023-55
mfsa2023-56		https://www.mozilla.org/en-US/security/advisories/mfsa2023-56
RHSA-2024:0001		https://access.redhat.com/errata/RHSA-2024:0001
RHSA-2024:0002		https://access.redhat.com/errata/RHSA-2024:0002
RHSA-2024:0003		https://access.redhat.com/errata/RHSA-2024:0003
RHSA-2024:0004		https://access.redhat.com/errata/RHSA-2024:0004
RHSA-2024:0005		https://access.redhat.com/errata/RHSA-2024:0005
RHSA-2024:0011		https://access.redhat.com/errata/RHSA-2024:0011
RHSA-2024:0012		https://access.redhat.com/errata/RHSA-2024:0012
RHSA-2024:0019		https://access.redhat.com/errata/RHSA-2024:0019
RHSA-2024:0021		https://access.redhat.com/errata/RHSA-2024:0021
RHSA-2024:0022		https://access.redhat.com/errata/RHSA-2024:0022
RHSA-2024:0023		https://access.redhat.com/errata/RHSA-2024:0023
RHSA-2024:0024		https://access.redhat.com/errata/RHSA-2024:0024
RHSA-2024:0025		https://access.redhat.com/errata/RHSA-2024:0025
RHSA-2024:0026		https://access.redhat.com/errata/RHSA-2024:0026
RHSA-2024:0027		https://access.redhat.com/errata/RHSA-2024:0027
RHSA-2024:0028		https://access.redhat.com/errata/RHSA-2024:0028
RHSA-2024:0029		https://access.redhat.com/errata/RHSA-2024:0029
RHSA-2024:0030		https://access.redhat.com/errata/RHSA-2024:0030
USN-6562-1		https://usn.ubuntu.com/6562-1/
USN-6563-1		https://usn.ubuntu.com/6563-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6858.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://bugzilla.mozilla.org/show_bug.cgi?id=1826791

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://bugzilla.mozilla.org/show_bug.cgi?id=1826791

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-6858

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-6858

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202401-10

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://security.gentoo.org/glsa/202401-10

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2023/dsa-5581

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://www.debian.org/security/2023/dsa-5581

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2023/dsa-5582

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://www.debian.org/security/2023/dsa-5582

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/security/advisories/mfsa2023-54/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://www.mozilla.org/security/advisories/mfsa2023-54/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/security/advisories/mfsa2023-55/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://www.mozilla.org/security/advisories/mfsa2023-55/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/security/advisories/mfsa2023-56/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/ Found at https://www.mozilla.org/security/advisories/mfsa2023-56/

Exploit Prediction Scoring System (EPSS)

Percentile	0.42179
EPSS Score	0.00099
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
2024-01-03T17:14:55.127842+00:00	NVD Importer	Import	https://nvd.nist.gov/vuln/detail/CVE-2023-6858	34.0.0rc1