CVE-2023-29531: An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable...

0.0 CVSS

Description

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.

*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.

Classification

CVE ID: CVE-2023-29531

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Mozilla

Product: Firefox

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.29% (probability of being exploited)

EPSS Percentile: 68.95% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1794292
https://www.mozilla.org/security/advisories/mfsa2023-13/
https://www.mozilla.org/security/advisories/mfsa2023-14/
https://www.mozilla.org/security/advisories/mfsa2023-15/

Timeline

2024-12-12 00:30:34 UTC
CVE

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable...