CVE-2021-29958 — Vulnetix

CVE-2021-29958 PUBLISHED CVSS 4.300000190734863 MEDIUM

When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS < 34.

EPSS 0.19% · 40.3th percentile

Risk Scores

CVSS 3.1

4.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

EPSS Score

0.19%

40.3th percentile

Affected Products

Vendor	Product	Versions
mozilla	firefox	0
Mozilla	Firefox for iOS	unspecified

Exploit Intelligence

https://www.mozilla.org/security/advisories/mfsa2021-25/ (circl)
https://bugzilla.mozilla.org/show_bug.cgi?id=1670127 (circl)

Timeline

Jun 2, 2021 CVE Published
Jun 25, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 23, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 23, 2022 EPSS Score
Jun 22, 2022 EPSS Score
Aug 22, 2022 EPSS Score
Oct 21, 2022 EPSS Score
Dec 21, 2022 EPSS Score

References

https://www.mozilla.org/security/advisories/mfsa2021-25/ url
https://bugzilla.mozilla.org/show_bug.cgi?id=1670127 url
https://nvd.nist.gov/vuln/detail/CVE-2021-29958 advisory
https://www.mozilla.org/security/advisories/mfsa2021-25 url
https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/ advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2021-23/ advisory

Open in Interactive Console →