CVE-2024-5697Observable Discrepancy in Mozilla Firefox

CWE-203Observable Discrepancy9 documents7 sources
Severity
4.3MEDIUMNVD
OSV8.1OSV7.5
EPSS
0.4%
top 36.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxOnelogin Ruby-saml
Timeline
PublishedJun 11
Latest updateFeb 28

Description

A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages4 packages

CVEListV5mozilla/firefoxunspecified127
NVDmozilla/firefox< 127
Ubuntumozilla/firefox< 127.0.2+build1-0ubuntu0.20.04.1
Ubuntuonelogin/ruby-saml< 1.11.0-1ubuntu0.1+4

🔴Vulnerability Details

5
OSV
Ruby SAML vulnerabilities2025-02-28
OSV
firefox vulnerabilities2024-07-03
CVEList
CVE-2024-5697: A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox2024-06-11
GHSA
GHSA-6fj5-m574-p4w9: A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox2024-06-11
OSV
CVE-2024-5697: A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox2024-06-11

📋Vendor Advisories

3
Ubuntu
Firefox vulnerabilities2024-07-03
Debian
CVE-2024-5697: firefox - A website was able to detect when a user took a screenshot of a page using the b...2024
Mozilla
Mozilla Foundation Security Advisory 2024-25: CVE-2024-5697
CVE-2024-5697 — Observable Discrepancy in Mozilla | cvebase