CVE-2021-23965
First published: Tue Jan 26 2021(Updated: )
Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | <85 | 85 |
| Firefox | <85.0 |
Remedy
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1670378%2C1673555%2C1676812%2C1678582%2C1684497
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2021-23965?
CVE-2021-23965 is classified as a critical vulnerability due to potential memory corruption leading to arbitrary code execution.
How do I fix CVE-2021-23965?
To address CVE-2021-23965, update Firefox to version 85 or newer.
Which versions of Firefox are affected by CVE-2021-23965?
CVE-2021-23965 affects all versions of Firefox prior to version 85.
Can CVE-2021-23965 be exploited remotely?
Yes, CVE-2021-23965 has the potential to be exploited remotely if a user visits a malicious webpage.
What are the consequences of exploiting CVE-2021-23965?
Exploiting CVE-2021-23965 could allow an attacker to execute arbitrary code on the affected system.
- agent/first-publish-date
- agent/type
- agent/references
- agent/remedy
- agent/weakness
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/mozilla-advisory
- agent/software-canonical-lookup-request
- source/Mozilla
- agent/software-canonical-lookup
- collector/nvd-index
- vendor/mozilla
- canonical/firefox