4 matches found
Mozilla Firefox Security Advisory (MFSA2015-67) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Mozilla: Key pinning is ignored when overridable errors are encountered (MFSA 2015-67)
It was found that Firefox skipped key-pinning checks when handling an error that could be overridden by the user for example an expired certificate error. This flaw allowed a user to override a pinned certificate, which is an action the user should not be able to perform...
Mozilla: Key pinning is ignored when overridable errors are encountered (MFSA 2015-67)
It was found that Firefox skipped key-pinning checks when handling an error that could be overridden by the user for example an expired certificate error. This flaw allowed a user to override a pinned certificate, which is an action the user should not be able to perform...
Key pinning is ignored when overridable errors are encountered — Mozilla
Mozilla security engineer David Keeler reported that when an overridable error is encountered, such as those for expired certificates or a host name does not match a certificate, pinning checks can be be skipped. This would allow for a user to override a pinned certificate when they should not be...