CVE-2022-45419
CVSS v3.1
6.5 (Medium)
EPSS
0.08 % (35th)
Affected Products
1
Advisories
3
If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107.
Weaknesses
- CWE-295
- Improper Certificate Validation
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2022-12-22 20:15:45
(21 months ago) - Updated Date
-
2023-01-04 18:10:35
(20 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...