CVE-2017-7797

2017-08-10T00:00:00
ID UB:CVE-2017-7797
Type ubuntucve
Reporter ubuntu.com
Modified 2017-08-10T00:00:00

Description

Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox < 55.

Notes

Author| Note
---|---
tyhicks | mozjs38 contains a copy of the SpiderMonkey JavaScript engine