CVE-2023-28177
First published: Tue Mar 14 2023(Updated: )
Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <111 | 111 |
| Mozilla Firefox | <111.0 | |
| ubuntu/firefox | <111.0+ | 111.0+ |
| ubuntu/firefox | <111.0+ | 111.0+ |
| debian/firefox | 129.0-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1803109%2C1808832%2C1809542%2C1817336
- https://www.mozilla.org/security/advisories/mfsa2023-09/
- https://launchpad.net/bugs/cve/CVE-2023-28177
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-28160
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-28177
- https://security-tracker.debian.org/tracker/CVE-2023-28177
- https://ubuntu.com/security/notices/USN-5954-1
- https://www.cve.org/CVERecord?id=CVE-2023-28177
- https://nvd.nist.gov/vuln/detail/CVE-2023-28177
- https://ubuntu.com/security/CVE-2023-28177
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2023-28177?
The severity of CVE-2023-28177 is high.
Which software is affected by CVE-2023-28177?
Mozilla Firefox versions up to exclusive 111.0+ on Ubuntu and Debian, including Ubuntu bionic, Ubuntu focal, and Debian.
What is the remedy for CVE-2023-28177 on Mozilla Firefox?
Upgrade Mozilla Firefox to version 111.0+.
Where can I find more information about CVE-2023-28177?
You can find more information about CVE-2023-28177 in the references provided: [Mozilla Bugzilla](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1803109%2C1808832%2C1809542%2C1817336), [Mozilla Security Advisory](https://www.mozilla.org/security/advisories/mfsa2023-09/), and [Launchpad](https://launchpad.net/bugs/cve/CVE-2023-28177).
- collector/nvd-latest
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/severity
- agent/description
- agent/event
- agent/weakness
- collector/mozilla-advisory
- agent/software-canonical-lookup-request
- agent/references
- agent/tags
- source/Mozilla
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- vendor/mozilla
- canonical/mozilla firefox
- package-manager/debian
- package-manager/ubuntu