{"id":"CVE-2023-25732","details":"When encoding data from an \u003ccode\u003einputStream\u003c/code\u003e in \u003ccode\u003expcom\u003c/code\u003e the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.","modified":"2026-03-13T07:29:53.413613Z","published":"2023-06-02T17:15:11.193Z","related":["ALSA-2023:0808","ALSA-2023:0810","ALSA-2023:0821","ALSA-2023:0824","MGASA-2023-0056","MGASA-2023-0057","SUSE-SU-2023:0461-1","SUSE-SU-2023:0466-1","SUSE-SU-2023:0469-1","SUSE-SU-2023:0599-1","openSUSE-SU-2024:12702-1","openSUSE-SU-2024:12713-1","openSUSE-SU-2024:12753-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1804564"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"110.0"}]},{"events":[{"introduced":"0"},{"fixed":"102.8"}]},{"events":[{"introduced":"0"},{"fixed":"102.8"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25732.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}