CVE-2023-4055

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.mozilla.org/security/advisories/mfsa2023-30/", "name": "https://www.mozilla.org/security/advisories/mfsa2023-30/", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-31/", "name": "https://www.mozilla.org/security/advisories/mfsa2023-31/", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1782561", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1782561", "tags": ["Issue Tracking", "Permissions Required"], "refsource": "MISC"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/", "name": "https://www.mozilla.org/security/advisories/mfsa2023-29/", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://www.debian.org/security/2023/dsa-5464", "name": "https://www.debian.org/security/2023/dsa-5464", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://www.debian.org/security/2023/dsa-5469", "name": "https://www.debian.org/security/2023/dsa-5469", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html", "name": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html", "tags": [], "refsource": "MISC"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html", "name": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-4055", "ASSIGNER": "security@mozilla.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2023-08-01T16:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "116.0"}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "115.1", "versionStartIncluding": "115.0"}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "102.14", "versionStartIncluding": "102.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-08-09T21:15Z"}