CVE-2023-29547

Published: Jun 2, 2023

Modified: Jan 10, 2025

PUBLISHED

Description

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Vendor	Product	Versions
Mozilla	Firefox for Android	affected `unspecified - < 112`
Mozilla	Firefox	affected `unspecified - < 112`
Mozilla	Focus for Android	affected `unspecified - < 112`

References

https://www.mozilla.org/security/advisories/mfsa2023-13/

https://bugzilla.mozilla.org/show_bug.cgi?id=1783536

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-29547

Description

Affected Products

References