How severe is CVE-2024-10004?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2024-10004?

This is classified as CWE-1021, which is a common weakness in software security.

CVE-2024-10004

CRITICAL Year: 2024

CVSS v3 Score

9.1

Critical

Weakness Type

CWE-1021

View all →

Vulnerability Description

Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly This vulnerability affects Firefox for iOS < 131.2.

CVE-2018-18496

HIGH

CVSS:8.8(High)

When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing a...

CWE-10212018

CVE-2021-21111

CRITICAL

CVSS:9.6(Critical)

Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a...

CWE-10212021

CVE-2021-21132

CRITICAL

CVSS:9.6(Critical)

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.

CWE-10212021

CVE-2023-41897

CRITICAL

CVSS:9.6(Critical)

Home assistant is an open source home automation. Home Assistant server does not set any HTTP security headers, including the X-Frame-Options header, which specifies whether the web page is allowed to...

CWE-10212023