CVE-2021-23987

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-23987

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-23987.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-23987

Downstream

DEBIAN-CVE-2021-23987

DLA-2607-1

DLA-2609-1

DSA-4874-1

DSA-4876-1

OESA-2023-1673

OESA-2023-1674

RHSA-2021:0989

RHSA-2021:0990

RHSA-2021:0991

RHSA-2021:0992

RHSA-2021:0993

RHSA-2021:0994

RHSA-2021:0995

RHSA-2021:0996

SUSE-SU-2021:0966-1

SUSE-SU-2021:0999-1

SUSE-SU-2021:1007-1

SUSE-SU-2021:1167-1

SUSE-SU-2021:14684-1

UBUNTU-CVE-2021-23987

USN-4893-1

USN-4995-1

USN-4995-2

openSUSE-SU-2021:0487-1

openSUSE-SU-2021:0580-1

openSUSE-SU-2024:10600-1

openSUSE-SU-2024:10601-1

openSUSE-SU-2024:14572-1

Related

Published

2021-03-31T14:15:19Z

Modified

2025-08-09T20:01:25Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.

References

Affected packages