Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-5699

June 11, 2024, 1:54 p.m.

Tags

security@mozilla.org
2024-06-11
CVE-2024-5699

Product(s) Impacted

Firefox

  • < 127

Description

In violation of spec, cookie prefixes such as `__Secure` were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox < 127.

Weaknesses

Date

Published: June 11, 2024, 1:15 p.m.

Last Modified: June 11, 2024, 1:54 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

security@mozilla.org

References

https://bugzilla.mozilla.org/ security@mozilla.org
https://www.mozilla.org/ security@mozilla.org