CVE-2024-5699
CVSS v3.1
9.8 (Critical)
EPSS
0.04 % (10th)
Advisories
3
NVD Status
Awaiting Analysis
In violation of spec, cookie prefixes such as __Secure
were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox < 127.
Weaknesses
- CWE-178
- Improper Handling of Case Sensitivity
- CVE Status
- PUBLISHED
- NVD Status
- Awaiting Analysis
- CNA
- Mozilla Corporation
- Published Date
-
2024-06-11 13:15:51
(3 months ago) - Updated Date
-
2024-08-12 17:35:12
(5 weeks ago)
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...