CVE-2023-29547 Information

Description

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112 Firefox < 112 and Focus for Android < 112.

Reference

https://www.mozilla.org/security/advisories/mfsa2023-13/ https://bugzilla.mozilla.org/show_bug.cgi?id=1783536