CVE-2023-5176
First published: Tue Sep 26 2023(Updated: )
Last updated 24 July 2024
Credit: security@mozilla.org security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox ESR | <115.3 | 115.3 |
| Mozilla Thunderbird | <115.3 | 115.3 |
| redhat/firefox | <115.3 | 115.3 |
| Mozilla Firefox | <118 | 118 |
| Mozilla Firefox | <118 | |
| Mozilla Firefox ESR | <115.3 | |
| Mozilla Thunderbird | <115.3 | |
| Debian Debian Linux | =10.0 | |
| Debian Debian Linux | =11.0 | |
| Debian Debian Linux | =12.0 | |
| debian/firefox | 133.0.3-1 | |
| debian/firefox-esr | 115.14.0esr-1~deb11u1 128.5.0esr-1~deb11u1 128.3.1esr-1~deb12u1 128.5.0esr-1~deb12u1 128.5.0esr-1 128.5.1esr-1 | |
| debian/thunderbird | 1:115.12.0-1~deb11u1 1:128.5.0esr-1~deb11u1 1:115.16.0esr-1~deb12u1 1:128.5.0esr-1~deb12u1 1:128.5.2esr-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://www.mozilla.org/security/advisories/mfsa2023-42/
- https://www.mozilla.org/security/advisories/mfsa2023-43/
- https://www.debian.org/security/2023/dsa-5506
- https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html
- https://www.debian.org/security/2023/dsa-5513
- https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
- https://launchpad.net/bugs/cve/CVE-2023-5176
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-43/
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5176
- https://access.redhat.com/errata/RHSA-2023:5427
- https://access.redhat.com/errata/RHSA-2023:5426
- https://access.redhat.com/errata/RHSA-2023:5428
- https://access.redhat.com/errata/RHSA-2023:5429
- https://access.redhat.com/errata/RHSA-2023:5430
- https://access.redhat.com/errata/RHSA-2023:5432
- https://access.redhat.com/errata/RHSA-2023:5434
- https://access.redhat.com/errata/RHSA-2023:5436
- https://access.redhat.com/errata/RHSA-2023:5435
- https://access.redhat.com/errata/RHSA-2023:5433
- https://access.redhat.com/errata/RHSA-2023:5439
- https://access.redhat.com/errata/RHSA-2023:5437
- https://access.redhat.com/errata/RHSA-2023:5440
- https://access.redhat.com/errata/RHSA-2023:5438
- https://access.redhat.com/errata/RHSA-2023:5475
- https://access.redhat.com/errata/RHSA-2023:5477
- https://bugzilla.redhat.com/show_bug.cgi?id=2240896
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
- https://nvd.nist.gov/vuln/detail/CVE-2023-5176
- https://security-tracker.debian.org/tracker/CVE-2023-5176
- https://ubuntu.com/security/CVE-2023-5176
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5176
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-43/#CVE-2023-5176
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2023-5176?
The severity of CVE-2023-5176 is high, with a severity value of 7.
Which software versions are affected by CVE-2023-5176?
Firefox ESR version up to 115.3, Firefox version up to 118, and Thunderbird version up to 115.3 are affected by CVE-2023-5176.
What are memory safety bugs?
Memory safety bugs are software vulnerabilities that occur when a program accesses memory in a way that is not intended, leading to potential security risks.
How can memory safety bugs be exploited?
Memory safety bugs can be exploited by attackers to manipulate the program's memory and potentially run arbitrary code.
Where can I find more information about CVE-2023-5176?
You can find more information about CVE-2023-5176 on the following references: [Bugzilla](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195), [Mozilla Security Advisories - MFSA2023-42](https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/), [Mozilla Security Advisories - MFSA2023-41](https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/)
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/mozilla-advisory
- source/Mozilla
- agent/software-canonical-lookup
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-5176
- agent/author
- agent/weakness
- agent/severity
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/tags
- agent/event
- collector/nvd-cve
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- vendor/mozilla
- canonical/mozilla firefox esr
- canonical/mozilla thunderbird
- package-manager/redhat
- canonical/mozilla firefox
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- version/debian debian linux/11.0
- version/debian debian linux/12.0
- package-manager/debian