Required CVE Record Information
Description
When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Product Status
Learn moreVersions 1 Total
Default Status: unknown
affected
Versions 1 Total
Default Status: unknown
affected
Versions 1 Total
Default Status: unknown
affected
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 2 Total
- https://www.mozilla.org/security/advisories/mfsa2023-13/ x_transferred
- https://bugzilla.mozilla.org/show_bug.cgi?id=1783536 x_transferred