Vulnerability in Mozilla Firefox
CVE-2024-38312
When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127.
EPSS: 0.003 (20.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N.
Affected products
- Mozilla Firefox
- Mozilla Firefox For Ios — versions unspecified
Weakness classification (CWE)
References
- security@mozilla.org (Permissions Required, Issue Tracking)
- security@mozilla.org (Vendor Advisory)
Frequently asked questions
- What is CVE-2024-38312?
- CVE-2024-38312 is a medium-severity vulnerability in Mozilla Firefox, classified under CWE-922. CVSS score: 6.5/10. Published 2024-06-13.
- How severe is CVE-2024-38312?
- Medium severity. CVSS v3 base score is 6.5 out of 10.