Unrated severityNVD Advisory· Published Jun 11, 2024· Updated Aug 1, 2024
CVE-2024-5687
CVE-2024-5687
Description
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 127.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords4 versionspkg:apk/chainguard/firefoxpkg:apk/wolfi/firefoxpkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 127.0.2-r0+ 3 more
- (no CPE)range: < 127.0.2-r0
- (no CPE)range: < 127.0.2-r0
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 127.0-1.1
- Range: unspecified
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.