CVE-2024-38312

When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*

History

21 Nov 2024, 09:25

Type Values Removed Values Added
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1878578 - Issue Tracking, Permissions Required () https://bugzilla.mozilla.org/show_bug.cgi?id=1878578 - Issue Tracking, Permissions Required
References () https://www.mozilla.org/security/advisories/mfsa2024-27/ - Vendor Advisory () https://www.mozilla.org/security/advisories/mfsa2024-27/ - Vendor Advisory

30 Oct 2024, 19:35

Type Values Removed Values Added
CWE CWE-922

07 Aug 2024, 17:47

Type Values Removed Values Added
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1878578 - () https://bugzilla.mozilla.org/show_bug.cgi?id=1878578 - Issue Tracking, Permissions Required
References () https://www.mozilla.org/security/advisories/mfsa2024-27/ - () https://www.mozilla.org/security/advisories/mfsa2024-27/ - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
First Time Mozilla
Mozilla firefox
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*

17 Jun 2024, 12:43

Type Values Removed Values Added
Summary
  • (es) Al explorar pestañas privadas, algunos datos relacionados con el historial de ubicaciones o las miniaturas de páginas web podrían persistir incorrectamente dentro del paquete de aplicaciones en espacio aislado después de la finalización de la aplicación. Esta vulnerabilidad afecta a Firefox para iOS &lt; 127.

13 Jun 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-13 20:15

Updated : 2024-11-21 09:25


NVD link : CVE-2024-38312

Mitre link : CVE-2024-38312

CVE.ORG link : CVE-2024-38312


JSON object : View

Products Affected

mozilla

  • firefox
CWE
NVD-CWE-noinfo CWE-922

Insecure Storage of Sensitive Information