CVE-2023-5170

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Sep 27, 2023

Updated: Jan 7, 2024

CWE ID 312

CWE ID 532

Summary

CVE-2023-5170 is a vulnerability affecting Firefox browsers below version 118. In the context of canvas rendering, a malicious content process could manipulate a surface, resulting in an unintended modification. This surprise change triggers a memory leak in a privileged process. Cybercriminals may exploit this memory leak to stage a sandbox escape, gaining unauthorized access to sensitive information or functionalities.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apache Airflow

Affected Vendors

Apache Software Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t4mqVd
https://www.cve.org/CVERecord?id=CVE-2023-5170
https://nvd.nist.gov/vuln/detail/CVE-2023-5170

Back to Vulnerability Database