Medium severity6.5NVD Advisory· Published Jun 2, 2023· Updated Jun 17, 2026
CVE-2023-25752
CVE-2023-25752
Description
When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
38<111+ 2 more
- (no CPE)range: <111
- (no CPE)range: unspecified
- (no CPE)range: unspecified
<102.9+ 1 more
- (no CPE)range: <102.9
- (no CPE)range: unspecified
- osv-coords33 versionspkg:rpm/almalinux/firefoxpkg:rpm/almalinux/firefox-x11pkg:rpm/almalinux/thunderbirdpkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
< 102.9.0-3.el8_7.alma+ 32 more
- (no CPE)range: < 102.9.0-3.el8_7.alma
- (no CPE)range: < 102.9.0-3.el9_1.alma
- (no CPE)range: < 102.9.0-1.el8_7.alma
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 111.0.1-1.1
- (no CPE)range: < 102.9.1-150200.8.110.2
- (no CPE)range: < 102.9.0-1.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-150000.150.79.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.0-150000.150.79.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.0-150000.150.79.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-150200.152.81.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.0-112.153.1
- (no CPE)range: < 102.9.1-150200.8.110.2
- (no CPE)range: < 102.9.1-150200.8.110.2
Patches
Vulnerability mechanics
References
4- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingPermissions RequiredVendor Advisory
- www.mozilla.org/security/advisories/mfsa2023-09/nvdVendor Advisory
- www.mozilla.org/security/advisories/mfsa2023-10/nvdVendor Advisory
- www.mozilla.org/security/advisories/mfsa2023-11/nvdVendor Advisory
News mentions
0No linked articles in our index yet.