Main Vulnerability Database Vulnerabilities #VU53727

#VU53727 Information disclosure in Firefox for iOS - CVE-2021-29958

Published: June 1, 2021

Vulnerability identifier: #VU53727

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-29958

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Firefox for iOS

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application during private browsing. When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2021-25/

#VU53727 Information disclosure in Firefox for iOS - CVE-2021-29958

Description

Remediation

External links

Please verify you're human