VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	6.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
epss	0.00235	https://api.first.org/data/v1/epss?cve=CVE-2023-6857
cvssv3.1	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-6857
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2023-54
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2023-55
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

System

Score

Found at

cvssv3

6.1

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

epss

0.00235

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

cvssv3.1

5.3

https://nvd.nist.gov/vuln/detail/CVE-2023-6857

generic_textual

high

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

generic_textual

high

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

generic_textual

high

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-6857
		https://bugzilla.mozilla.org/show_bug.cgi?id=1796023
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
		https://security.gentoo.org/glsa/202401-10
2255362		https://bugzilla.redhat.com/show_bug.cgi?id=2255362
cpe:2.3:o:debian:debian_linux:10.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
cpe:2.3:o:debian:debian_linux:11.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:::::::*
cpe:2.3:o:debian:debian_linux:12.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:::::::*
CVE-2023-6857		https://nvd.nist.gov/vuln/detail/CVE-2023-6857
mfsa2023-54		https://www.mozilla.org/en-US/security/advisories/mfsa2023-54
mfsa2023-55		https://www.mozilla.org/en-US/security/advisories/mfsa2023-55
mfsa2023-56		https://www.mozilla.org/en-US/security/advisories/mfsa2023-56
RHSA-2024:0001		https://access.redhat.com/errata/RHSA-2024:0001
RHSA-2024:0002		https://access.redhat.com/errata/RHSA-2024:0002
RHSA-2024:0003		https://access.redhat.com/errata/RHSA-2024:0003
RHSA-2024:0004		https://access.redhat.com/errata/RHSA-2024:0004
RHSA-2024:0005		https://access.redhat.com/errata/RHSA-2024:0005
RHSA-2024:0011		https://access.redhat.com/errata/RHSA-2024:0011
RHSA-2024:0012		https://access.redhat.com/errata/RHSA-2024:0012
RHSA-2024:0019		https://access.redhat.com/errata/RHSA-2024:0019
RHSA-2024:0021		https://access.redhat.com/errata/RHSA-2024:0021
RHSA-2024:0022		https://access.redhat.com/errata/RHSA-2024:0022
RHSA-2024:0023		https://access.redhat.com/errata/RHSA-2024:0023
RHSA-2024:0024		https://access.redhat.com/errata/RHSA-2024:0024
RHSA-2024:0025		https://access.redhat.com/errata/RHSA-2024:0025
RHSA-2024:0026		https://access.redhat.com/errata/RHSA-2024:0026
RHSA-2024:0027		https://access.redhat.com/errata/RHSA-2024:0027
RHSA-2024:0028		https://access.redhat.com/errata/RHSA-2024:0028
RHSA-2024:0029		https://access.redhat.com/errata/RHSA-2024:0029
RHSA-2024:0030		https://access.redhat.com/errata/RHSA-2024:0030
USN-6562-1		https://usn.ubuntu.com/6562-1/
USN-6563-1		https://usn.ubuntu.com/6563-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

https://bugzilla.mozilla.org/show_bug.cgi?id=1796023

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

https://security.gentoo.org/glsa/202401-10

2255362

https://bugzilla.redhat.com/show_bug.cgi?id=2255362

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

CVE-2023-6857

https://nvd.nist.gov/vuln/detail/CVE-2023-6857

mfsa2023-54

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

mfsa2023-55

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

mfsa2023-56

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

RHSA-2024:0001

https://access.redhat.com/errata/RHSA-2024:0001

RHSA-2024:0002

https://access.redhat.com/errata/RHSA-2024:0002

RHSA-2024:0003

https://access.redhat.com/errata/RHSA-2024:0003

RHSA-2024:0004

https://access.redhat.com/errata/RHSA-2024:0004

RHSA-2024:0005

https://access.redhat.com/errata/RHSA-2024:0005

RHSA-2024:0011

https://access.redhat.com/errata/RHSA-2024:0011

RHSA-2024:0012

https://access.redhat.com/errata/RHSA-2024:0012

RHSA-2024:0019

https://access.redhat.com/errata/RHSA-2024:0019

RHSA-2024:0021

https://access.redhat.com/errata/RHSA-2024:0021

RHSA-2024:0022

https://access.redhat.com/errata/RHSA-2024:0022

RHSA-2024:0023

https://access.redhat.com/errata/RHSA-2024:0023

RHSA-2024:0024

https://access.redhat.com/errata/RHSA-2024:0024

RHSA-2024:0025

https://access.redhat.com/errata/RHSA-2024:0025

RHSA-2024:0026

https://access.redhat.com/errata/RHSA-2024:0026

RHSA-2024:0027

https://access.redhat.com/errata/RHSA-2024:0027

RHSA-2024:0028

https://access.redhat.com/errata/RHSA-2024:0028

RHSA-2024:0029

https://access.redhat.com/errata/RHSA-2024:0029

RHSA-2024:0030

https://access.redhat.com/errata/RHSA-2024:0030

USN-6562-1

https://usn.ubuntu.com/6562-1/

USN-6563-1

https://usn.ubuntu.com/6563-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:32.637822+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2023/mfsa2023-54.yml	37.0.0

2025-07-31T08:09:32.637822+00:00

Mozilla Importer

Import

https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2023/mfsa2023-54.yml

37.0.0

Vulnerability ID	VCID-xfye-u98n-sfgw
Aliases	CVE-2023-6857
Summary	When resolving a symlink, a race may occur where the buffer passed to readlink may actually be smaller than necessary. This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

CWE-363	Race Condition Enabling Link Following
CWE-362	Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Percentile	0.4646
EPSS Score	0.00235
Published At	July 30, 2025, 12:55 p.m.