Lucene search
MozillaCVELIST:CVE-2024-5699HistoryJun 11, 2024 - 12:40 p.m.
CVE-2024-5699
2024-06-1112:40:18
mozilla
www.cve.org
6
vulnerability
firefox
case-insensitive
cookie prefixes
spec violation
cve-2024-5699
0.0004 Low
EPSS
Percentile
9.1%
In violation of spec, cookie prefixes such as __Secure were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox < 127.
CNA Affected
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "127",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
wolfi
wolfi
CVE-2024-5699 vulnerabilities
2024-06-30 21:08:34
cve
cve
CVE-2024-5699
2024-06-11 13:15:51
nvd
nvd
CVE-2024-5699
2024-06-11 13:15:51
debiancve
debiancve
CVE-2024-5699
2024-06-11 13:15:51
ubuntucve
ubuntucve
CVE-2024-5699
2024-06-11 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2024-25) - Linux
2024-06-11 00:00:00
Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Mac OS X
2024-06-13 00:00:00
Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Windows
2024-06-13 00:00:00
nessus
nessus
Mozilla Firefox < 127.0
2024-06-11 00:00:00
Fedora 40 : firefox (2024-4a22a9cd11)
2024-06-12 00:00:00
Mozilla Firefox < 127.0
2024-06-11 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 127 — Mozilla
2024-06-11 00:00:00
kaspersky
kaspersky
KLA68921 Multiple vulnerabilities in Mozilla Firefox
2024-06-11 00:00:00