IndexedDB should be cleared when leaving private browsing mode and it is not, the API for WKWebViewConfiguration was being used incorrectly and requires the private instance of this object be deleted when leaving private mode. This vulnerability affects Firefox for iOS < 27.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1646756 | Issue Tracking Permissions Required Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2020-23/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2020-07-09T14:56:06
Updated: 2020-07-09T14:56:06
Reserved: 2020-04-28T00:00:00
Link: CVE-2020-12414
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-09T15:15:11.537
Modified: 2020-07-13T01:15:50.967
Link: CVE-2020-12414
JSON object: View
Redhat Information
No data.
CWE