CVE-2023-6872 — Mozilla Firefox vulnerability

10 documents7 sources

Severity

6.5MEDIUMNVD

OSV4.3

EPSS

0.3%

top 51.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox

Timeline

PublishedDec 19

Latest updateJan 11

Description

Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5mozilla/firefoxunspecified — 121

▶NVDmozilla/firefox< 121.0

▶Ubuntumozilla/firefox< 121.0+build1-0ubuntu0.20.04.1+1

🔴Vulnerability Details

OSV

firefox regressions↗2024-01-11

▶

OSV

firefox vulnerabilities↗2024-01-02

▶

OSV

CVE-2023-6872: Browser tab titles were being leaked by GNOME to system logs↗2023-12-20

▶

GHSA

GHSA-qm6q-r7qr-vxjp: Browser tab titles were being leaked by GNOME to system logs↗2023-12-19

▶

CVEList

CVE-2023-6872: Browser tab titles were being leaked by GNOME to system logs↗2023-12-19

▶

📋Vendor Advisories

Ubuntu

Firefox regressions↗2024-01-11

▶

Ubuntu

Firefox vulnerabilities↗2024-01-02

▶

Debian

CVE-2023-6872: firefox - Browser tab titles were being leaked by GNOME to system logs. This could potenti...↗2023

▶

Mozilla

Mozilla Foundation Security Advisory 2023-56: CVE-2023-6872↗

▶