CVE-2024-11703: On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox <…

CVE-2024-11703 [CRITICAL] CWE-276 GHSA-wjq6-6xvc-xr82: On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133.

CVE-2024-11703 [MEDIUM] CVE-2024-11703: On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133.

CVE-2024-11703 [MEDIUM] CWE-288 firefox: thunderbird: Password access without authentication via PIN bypass on Android firefox: thunderbird: Password access without authentication via PIN bypass on Android On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133. A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Package: firefox (Red Hat Enterprise Linux 10) - Not affected Package: firefox (Red Hat Enterprise Linux 6) - Not affected Package: firefox (Red Hat Enterprise Linux 7) - Not affected Pack

CVE-2024-11703 [MEDIUM] CVE-2024-11703: firefox - On Android, Firefox may have inadvertently allowed viewing saved passwords witho... On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133. Scope: local sid: resolved (fixed in 134.0-1)

CVE-2024-11703 [MEDIUM] Mozilla Foundation Security Advisory 2024-63: CVE-2024-11703 Mozilla Foundation Security Advisory 2024-63 CVE: CVE-2024-11703 Product: Firefox Impact: high Fixed in: Firefox 133

[MEDIUM] password fingerprint protections bypassed using the OS "back" action password fingerprint protections bypassed using the OS "back" action Steps to reproduce: Similar to report 1906831 I filed previously: - Open the passwords via the new "passwords" menu item, directly after clicking the 3 dots next to the address bar in the bottom of the screen - Authenticate when asked for it - Open any account and display the password - Lock the phone - Reopen the phone - You'll be asked to authenticate, ignore this and swipe back until you're back in the list with accounts - Click any account again and display the password - Notice you can view the password without the need to re-authenticate Actual results: Can view passwords without the need to re-authenticate Expected results: When trying to view the password, it should ask for authentication first Discussi