{"id":"CVE-2023-4048","details":"An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1.","modified":"2026-04-16T00:00:00.163978906Z","published":"2023-08-01T15:15:09.967Z","related":["ALSA-2023:4462","ALSA-2023:4468","ALSA-2023:4497","ALSA-2023:4499","SUSE-SU-2023:3161-1","SUSE-SU-2023:3162-1","SUSE-SU-2023:3163-1","SUSE-SU-2023:3228-1","openSUSE-SU-2024:13091-1","openSUSE-SU-2024:13124-1","openSUSE-SU-2024:13133-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5464"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5469"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-29/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-30/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-31/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1841368"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"116.0"}]},{"events":[{"introduced":"102.0"},{"fixed":"102.14"}]},{"events":[{"introduced":"115.0"},{"fixed":"115.1"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4048.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}