CVE-2024-7525 Information

Aug 07, 2024 cve

Description

It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129 Firefox ESR < 115.14 Firefox ESR < 128.1 Thunderbird < 128.1 and Thunderbird < 115.14.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1909298 https://www.mozilla.org/security/advisories/mfsa2024-33/ https://www.mozilla.org/security/advisories/mfsa2024-34/ https://www.mozilla.org/security/advisories/mfsa2024-35/ https://www.mozilla.org/security/advisories/mfsa2024-37/ https://www.mozilla.org/security/advisories/mfsa2024-38/

Share on: