When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
References
Configurations
No configuration.
History
03 Jul 2024, 02:08
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
CWE | CWE-351 |
10 Jun 2024, 17:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary |
|
14 May 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-14 18:15
Updated : 2024-07-03 02:08
NVD link : CVE-2024-4769
Mitre link : CVE-2024-4769
CVE.ORG link : CVE-2024-4769
JSON object : View
Products Affected
No product.
CWE
CWE-351
Insufficient Type Distinction