CVE-2023-0767

ADVISORY - nist

Summary

An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

EPSS Score⁠: 0.00239 (0.469)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo⁠

ADVISORY - redhat

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.