Vulnerability Database

296,213

Total vulnerabilities in the database

CVE-2023-4054

When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.

  • Published: Aug 1, 2023
  • Updated: Aug 8, 2023
  • CVE: CVE-2023-4054
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

No CWE or OWASP classifications available.

Software From Fixed in
mozilla / firefox - 116.0
mozilla / firefox 102.0 102.14
mozilla / firefox 115.0 115.1