CVE-2023-29547

MEDIUM 6.5

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

0th

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Vendor	mozilla
Product	firefox for android
Ecosystems	Browser JavaScript
Industries	Technology
Published	Jun 2, 2023
Last Updated	Jan 10, 2025

Stay Ahead of the Next One

Get instant alerts for mozilla firefox for android

Be the first to know when new medium vulnerabilities affecting mozilla firefox for android are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Mozilla / Firefox for Android

unspecified < 112

Mozilla / Firefox

unspecified < 112

Mozilla / Focus for Android

unspecified < 112

References

NVD ↗ CVE.org ↗ EPSS Data ↗

mozilla.org: https://www.mozilla.org/security/advisories/mfsa2023-13/ bugzilla.mozilla.org: https://bugzilla.mozilla.org/show_bug.cgi?id=1783536