When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 112.0 (excluding) |
Firefox_esr | Mozilla | * | 102.10 (excluding) |
Focus | Mozilla | * | 112.0 (excluding) |