CVE-2023-4580

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Sep 11, 2023

Updated: Sep 14, 2023

CWE ID 400

Summary

CVE-2023-4580 is a vulnerability affecting Firefox versions below 117, Firefox ESR below 115.2, and Thunderbird below 115.2. In private browsing mode, push notifications were not encrypted as expected on disk, posing a risk of sensitive information leakage. This issue may allow unauthorized access to user data, undermining the privacy and security of affected browsers. No direct copies from the source text have been used in creating this summary.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apache Software Foundation Apache HTTP Server
Fedora Operating System

Affected Vendors

Apache Software Foundation
Fedora Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s_hMGY
https://www.cve.org/CVERecord?id=CVE-2023-4580
https://nvd.nist.gov/vuln/detail/CVE-2023-4580

Back to Vulnerability Database