Predictable Nonce Vulnerability in Firefox by Mozilla
CVE-2024-4772

Currently unrated

Key Information:

Vendor

Mozilla

Status
Vendor
CVE Published:
14 May 2024

What is CVE-2024-4772?

A flaw in how Firefox generates nonce values exposes users to potential authentication attacks. Specifically, the nonce for HTTP digest authentication is created using the rand() function, which is not a cryptographically secure random number generator; its output is predictable, and attackers can potentially exploit this weakness. This issue affects versions of Firefox earlier than 126, so affected installations need to be updated.

Affected Version(s)

Firefox < 126

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Hanno Böck