Security Advisory

CVE-2023-6861

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-19 13:38:42

Last updated 2025-02-13 17:26:36

Assigner mozilla

State PUBLISHED

Description

The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

← Browse all CVEs View on cve.org ↗