Private Tab Data Persistence Vulnerability Affects Firefox for iOS
CVE-2024-38312

6.5MEDIUM

Key Information:

Vendor
Mozilla
Status
Firefox For iOS
Vendor
CVE Published:
13 June 2024

Summary

When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127.

Affected Version(s)

Firefox for iOS < 127

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1878578
https://www.mozilla.org/security/advisories/mfsa2024-27/

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Adam Berry
.