CVE-2023-6871

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1828334
• https://www.mozilla.org/security/advisories/mfsa2023-56/
• https://security.gentoo.org/glsa/202401-10
• https://launchpad.net/bugs/cve/CVE-2023-6871
• https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/
• https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6871
• https://security-tracker.debian.org/tracker/CVE-2023-6871
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6871
• https://nvd.nist.gov/vuln/detail/CVE-2023-6871
• https://ubuntu.com/security/CVE-2023-6871

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2023-56

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2023-6856
• CVE-2023-6135
• CVE-2023-6865
• CVE-2023-6857
• CVE-2023-6858
• CVE-2023-6859
• CVE-2023-6866
• CVE-2023-6860
• CVE-2023-6867
• CVE-2023-6861
• CVE-2023-6868
• CVE-2023-6869
• CVE-2023-6870
• CVE-2023-6871
• CVE-2023-6872
• CVE-2023-6863
• CVE-2023-6864
• CVE-2023-6873

Frequently Asked Questions

• What is the severity of CVE-2023-6871?

  CVE-2023-6871 is of moderate severity due to insufficient warning when navigating to new protocol handlers in Firefox.

• How do I fix CVE-2023-6871?

  To fix CVE-2023-6871, update Firefox to version 134.0.2-2 or later.

• Which versions of Firefox are affected by CVE-2023-6871?

  CVE-2023-6871 affects Firefox versions up to 121.0.

• Is CVE-2023-6871 exploitable by users?

  Yes, CVE-2023-6871 can be exploited by users if they attempt to navigate to untrusted protocol handlers.

• What impact does CVE-2023-6871 have on Firefox users?

  CVE-2023-6871 could lead users to inadvertently access dangerous or malicious sites without warnings.