CVE-2024-10004

{"id": "CVE-2024-10004", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2024-10-15T22:15:03.197", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1904885", "tags": ["Issue Tracking", "Permissions Required"], "source": "[email protected]"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-54/", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-1021"}]}], "descriptions": [{"lang": "en", "value": "Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly This vulnerability affects Firefox for iOS < 131.2."}, {"lang": "es", "value": "Abrir un enlace externo a un sitio web HTTP cuando Firefox iOS estaba previamente cerrado y ten\u00eda una pesta\u00f1a HTTPS abierta podr\u00eda, en algunos casos, provocar que el \u00edcono del candado muestre incorrectamente un indicador HTTPS. Esta vulnerabilidad afecta a Firefox para iOS &lt; 131.2."}], "lastModified": "2025-04-04T14:36:06.857", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E072C4E0-49F0-4DB3-936E-8CFF784E3385", "versionEndExcluding": "131.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}