Lucene search
HistoryJun 11, 2024 - 1:15 p.m.
CVE-2024-5699
violation of spec
cookie prefixes
case-insensitive comparison
incorrect browser behavior
firefox 127
0.0004 Low
EPSS
Percentile
9.1%
In violation of spec, cookie prefixes such as __Secure were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox < 127.
Related
cvelist
cvelist
CVE-2024-5699
2024-06-11 12:40:18
wolfi
wolfi
CVE-2024-5699 vulnerabilities
2024-06-30 21:08:34
cve
cve
CVE-2024-5699
2024-06-11 13:15:51
debiancve
debiancve
CVE-2024-5699
2024-06-11 13:15:51
ubuntucve
ubuntucve
CVE-2024-5699
2024-06-11 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2024-25) - Linux
2024-06-11 00:00:00
Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Mac OS X
2024-06-13 00:00:00
Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Windows
2024-06-13 00:00:00
nessus
nessus
Mozilla Firefox < 127.0
2024-06-11 00:00:00
Fedora 40 : firefox (2024-4a22a9cd11)
2024-06-12 00:00:00
Mozilla Firefox < 127.0
2024-06-11 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 127 — Mozilla
2024-06-11 00:00:00
kaspersky
kaspersky
KLA68921 Multiple vulnerabilities in Mozilla Firefox
2024-06-11 00:00:00