CVE-2023-6204

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-6204

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6204.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-6204

Downstream

DEBIAN-CVE-2023-6204

DLA-3661-1

DLA-3674-1

DSA-5561-1

DSA-5566-1

OESA-2025-1265

OESA-2025-1268

RHSA-2023:7499

RHSA-2023:7500

RHSA-2023:7501

RHSA-2023:7502

RHSA-2023:7503

RHSA-2023:7504

RHSA-2023:7505

RHSA-2023:7506

RHSA-2023:7507

RHSA-2023:7508

RHSA-2023:7509

RHSA-2023:7510

RHSA-2023:7511

RHSA-2023:7512

RHSA-2023:7547

RHSA-2023:7569

RHSA-2023:7570

RHSA-2023:7573

RHSA-2023:7574

RHSA-2023:7577

SUSE-SU-2023:4588-1

SUSE-SU-2023:4912-1

SUSE-SU-2023:4928-1

SUSE-SU-2023:4929-1

UBUNTU-CVE-2023-6204

USN-6509-1

USN-6515-1

openSUSE-SU-2024:13459-1

openSUSE-SU-2024:13468-1

openSUSE-SU-2024:14572-1

Related

Published

2023-11-21T15:15:07Z

Modified

2025-08-09T19:01:28Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

References

Affected packages