CVE-2024-4766 — Mozilla Firefox vulnerability

5 documents5 sources

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 43.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox

Timeline

PublishedMay 14

Description

Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 126.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5mozilla/firefoxunspecified — 126

▶NVDmozilla/firefox< 126.0

🔴Vulnerability Details

GHSA

GHSA-x4vx-jp8h-mrcx: Different techniques existed to obscure the fullscreen notification in Firefox for Android↗2024-05-14

▶

CVEList

CVE-2024-4766: Different techniques existed to obscure the fullscreen notification in Firefox for Android↗2024-05-14

▶

📋Vendor Advisories

Debian

CVE-2024-4766: firefox - Different techniques existed to obscure the fullscreen notification in Firefox f...↗2024

▶

Mozilla

Mozilla Foundation Security Advisory 2024-21: CVE-2024-4766↗

▶