First published: Tue Apr 11 2023(Updated: )
Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10.
Credit: security@mozilla.org security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox ESR | <102.10 | 102.10 |
Mozilla Firefox ESR | <102.10 | |
Mozilla Thunderbird | <102.10 | |
Mozilla Thunderbird | <102.10 | 102.10 |
ubuntu/thunderbird | <1:102.10.0+ | 1:102.10.0+ |
ubuntu/thunderbird | <1:102.10.0+ | 1:102.10.0+ |
ubuntu/thunderbird | <1:102.10.0+ | 1:102.10.0+ |
ubuntu/thunderbird | <1:102.10.0+ | 1:102.10.0+ |
debian/firefox-esr | 115.12.0esr-1~deb11u1 115.13.0esr-1~deb11u1 115.12.0esr-1~deb12u1 115.13.0esr-1~deb12u1 115.13.0esr-2 115.14.0esr-1 | |
debian/thunderbird | 1:115.12.0-1~deb11u1 1:115.13.0-1~deb11u1 1:115.12.0-1~deb12u1 1:115.13.0-1~deb12u1 1:115.13.0-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-1945 is a vulnerability that could have led to memory corruption and a potentially exploitable crash in Thunderbird and Firefox ESR.
Thunderbird versions prior to 102.10 and Firefox ESR versions prior to 102.10 are affected by CVE-2023-1945.
CVE-2023-1945 has a severity rating of medium.
To fix the CVE-2023-1945 vulnerability in Thunderbird, update to version 102.10 or higher.
To fix the CVE-2023-1945 vulnerability in Firefox ESR, update to version 102.10 or higher.