{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T06:12:55.611","vulnerabilities":[{"cve":{"id":"CVE-2023-6865","sourceIdentifier":"security@mozilla.org","published":"2023-12-19T14:15:07.777","lastModified":"2024-11-21T08:44:43.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121."},{"lang":"es","value":"`EncryptingOutputStream` era susceptible de exponer datos no inicializados. Sólo se puede abusar de este problema para escribir datos en un disco local, lo que puede tener implicaciones para el modo de navegación privada. Esta vulnerabilidad afecta a Firefox ESR <115.6 y Firefox <121."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"121.0","matchCriteriaId":"A3D81D72-5965-4DB7-BFA7-9A32A9108919"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","versionEndExcluding":"115.6","matchCriteriaId":"46B36C5E-77B7-4FBF-8B7A-6F794C8B8B2B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*","matchCriteriaId":"46D69DCC-AE4D-4EA5-861C-D60951444C6C"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1864123","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html","source":"security@mozilla.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202401-10","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2023/dsa-5581","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2023-54/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2023-56/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1864123","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202401-10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2023/dsa-5581","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2023-54/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2023-56/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}