{"id":"CVE-2023-5168","details":"A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.","modified":"2026-03-14T12:16:32.731163Z","published":"2023-09-27T15:19:42.067Z","related":["SUSE-SU-2023:3837-1","SUSE-SU-2023:3898-1","SUSE-SU-2023:3899-1","SUSE-SU-2023:4016-1","openSUSE-SU-2024:13268-1","openSUSE-SU-2024:13272-1","openSUSE-SU-2024:13288-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-41/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-42/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-43/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846683"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"118"}]},{"events":[{"introduced":"0"},{"fixed":"115.3"}]},{"events":[{"introduced":"0"},{"fixed":"115.3"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-5168.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}