{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T15:52:11.179","vulnerabilities":[{"cve":{"id":"CVE-2023-5170","sourceIdentifier":"security@mozilla.org","published":"2023-09-27T15:19:42.177","lastModified":"2024-11-21T08:41:13.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox < 118."},{"lang":"es","value":"En la representación del lienzo, un proceso de contenido comprometido podría haber provocado que una superficie cambiara inesperadamente, lo que habría provocado una pérdida de memoria de un proceso privilegiado. Esta pérdida de memoria podría usarse para efectuar un escape de la sandbox si se filtraron los datos correctos. Esta vulnerabilidad afecta a Firefox &lt; 118."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.0}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"118.0","matchCriteriaId":"3F2D4E7B-E6ED-4BF9-A108-6B1202BC9E59"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846686","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required"]},{"url":"https://security.gentoo.org/glsa/202401-10","source":"security@mozilla.org"},{"url":"https://www.mozilla.org/security/advisories/mfsa2023-41/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846686","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required"]},{"url":"https://security.gentoo.org/glsa/202401-10","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.mozilla.org/security/advisories/mfsa2023-41/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}