We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-10474



Description

Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects Focus for iOS < 132.

Reserved 2024-10-28 | Published 2024-10-29 | Updated 2025-03-13 | Assigner mozilla

Problem types

Don't allow web content to open firefox-focus URLs

Product status

Any version before 132
affected

Credits

James Lee

References

bugzilla.mozilla.org/show_bug.cgi?id=1863832

www.mozilla.org/security/advisories/mfsa2024-60/

cve.org (CVE-2024-10474)

nvd.nist.gov (CVE-2024-10474)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-10474

Support options

Helpdesk Chat, Email, Knowledgebase