What is CVE-2023-25745?

CVE-2023-25745 is a vulnerability that involves memory safety bugs present in Firefox 109.

What is the severity of CVE-2023-25745?

The severity of CVE-2023-25745 is high with a severity value of 7.

Which software is affected by CVE-2023-25745?

Mozilla Firefox versions up to and including 110, Ubuntu Firefox packages up to and including version 110.0-1, and Debian Firefox packages with version 117.0.1-1 are affected by CVE-2023-25745.

How can CVE-2023-25745 be exploited?

CVE-2023-25745 could potentially be exploited to run arbitrary code.

Where can I find more information about CVE-2023-25745?

You can find more information about CVE-2023-25745 at the following references: [Bugzilla](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1688592%2C1797186%2C1804998%2C1806521%2C1813284), [Mozilla Security Advisories](https://www.mozilla.org/security/advisories/mfsa2023-05/), [Launchpad](https://launchpad.net/bugs/cve/CVE-2023-25745).

Vulnerability/
CVE-2023-25745

high

8.8

CWE

787

14/2/2023

2/6/2023

2/8/2024

CVE-2023-25745

First published: Tue Feb 14 2023(Updated: )

Last updated 24 July 2024

Credit: security@mozilla.org security@mozilla.org

Affected Software	Affected Version	How to fix
Mozilla Firefox	<110	110
Mozilla Firefox	<110.0
debian/firefox		131.0.2-2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

MFSA2023-05

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2023-25745?
CVE-2023-25745 is a vulnerability that involves memory safety bugs present in Firefox 109.
What is the severity of CVE-2023-25745?
The severity of CVE-2023-25745 is high with a severity value of 7.
Which software is affected by CVE-2023-25745?
Mozilla Firefox versions up to and including 110, Ubuntu Firefox packages up to and including version 110.0-1, and Debian Firefox packages with version 117.0.1-1 are affected by CVE-2023-25745.
How can CVE-2023-25745 be exploited?
CVE-2023-25745 could potentially be exploited to run arbitrary code.
Where can I find more information about CVE-2023-25745?
You can find more information about CVE-2023-25745 at the following references: [Bugzilla](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1688592%2C1797186%2C1804998%2C1806521%2C1813284), [Mozilla Security Advisories](https://www.mozilla.org/security/advisories/mfsa2023-05/), [Launchpad](https://launchpad.net/bugs/cve/CVE-2023-25745).

collector/nvd-latest
agent/type
collector/launchpad-cve
source/Launchpad
agent/author
agent/first-publish-date
agent/weakness
agent/severity
collector/mozilla-advisory
agent/software-canonical-lookup-request
source/Mozilla
agent/software-canonical-lookup
collector/nvd-cve
source/NVD
collector/nvd-index
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/usn-cve
source/Ubuntu
collector/security-tracker-debian
source/Debian
agent/references
agent/description
agent/softwarecombine
agent/tags
agent/event
agent/trending
vendor/mozilla
canonical/mozilla firefox
package-manager/debian