2 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-0753
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...