CVE-2023-25733
HIGHMozilla Firefox < 110.0 - NULL Pointer Dereference
Title source: ruleDescription
The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox < 110.
Scores
CVSS v3
7.5
EPSS
0.0022
EPSS Percentile
43.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Classification
CWE
CWE-252
Status
published
Affected Products (1)
mozilla/firefox
< 110.0
Timeline
Published
Jun 19, 2023
Tracked Since
Feb 18, 2026