{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-38312","assignerOrgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","state":"PUBLISHED","assignerShortName":"mozilla","dateReserved":"2024-06-13T18:40:29.768Z","datePublished":"2024-06-13T20:01:13.543Z","dateUpdated":"2025-03-19T14:17:43.824Z"},"containers":{"cna":{"affected":[{"product":"Firefox for iOS","vendor":"Mozilla","versions":[{"lessThan":"127","status":"affected","version":"unspecified","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127.","supportingMedia":[{"type":"text/html","base64":false,"value":"When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127."}]}],"problemTypes":[{"descriptions":[{"description":"Private tabs could result in residual data related to browsing history in app bundle","lang":"en","type":"text"}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1878578"},{"url":"https://www.mozilla.org/security/advisories/mfsa2024-27/"}],"credits":[{"lang":"en","value":"Adam Berry"}],"providerMetadata":{"orgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","shortName":"mozilla","dateUpdated":"2024-06-13T20:01:13.543Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T04:04:25.248Z"},"title":"CVE Program Container","references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1878578","tags":["x_transferred"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2024-27/","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-922","lang":"en","description":"CWE-922 Insecure Storage of Sensitive Information"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":6.5,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","integrityImpact":"HIGH","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-08-05T19:02:31.503642Z","id":"CVE-2024-38312","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-19T14:17:43.824Z"}}]}}