{"id":"CVE-2023-4580","details":"Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.","modified":"2026-04-16T00:01:01.607725159Z","published":"2023-09-11T09:15:09.477Z","related":["ALSA-2023:4952","ALSA-2023:4954","ALSA-2023:4955","ALSA-2023:4958","SUSE-SU-2023:3519-1","SUSE-SU-2023:3559-1","SUSE-SU-2023:3562-1","SUSE-SU-2023:3664-1","openSUSE-SU-2024:13176-1","openSUSE-SU-2024:13197-1","openSUSE-SU-2024:13202-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1843046"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4580.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"117.0"}]},{"events":[{"introduced":"0"},{"fixed":"115.2"}]},{"events":[{"introduced":"0"},{"fixed":"115.2"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}]}