CVE-2023-29534

6 documents6 sources

Severity

9.1CRITICAL

EPSS

0.5%

top 34.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox FOR Android Mozilla Focus FOR Android Mozilla Firefox +1 more

Timeline

PublishedJun 19

Description

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages4 packages

▶CVEListV5mozilla/firefox_for_androidunspecified — 112

▶NVDmozilla/firefox_focus< 112.0

▶CVEListV5mozilla/focus_for_androidunspecified — 112

▶NVDmozilla/firefox< 112.0

🔴Vulnerability Details

CVEList

CVE-2023-29534: Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android↗2023-06-19

▶

OSV

CVE-2023-29534: Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android↗2023-06-19

▶

GHSA

GHSA-4g28-wh72-jhwq: Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android↗2023-06-19

▶

📋Vendor Advisories

Debian

CVE-2023-29534: firefox - Different techniques existed to obscure the fullscreen notification in Firefox a...↗2023

▶

Mozilla

Mozilla Foundation Security Advisory 2023-13: CVE-2023-29534↗

▶