Vulnerabilities > CVE-2023-5722 - Information Exposure Through Discrepancy vulnerability in Mozilla Firefox
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738426
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738426
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-45/