CVE-2024-53975

{"id": "CVE-2024-53975", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2024-11-26T14:15:21.497", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843467", "tags": ["Issue Tracking", "Permissions Required"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-66/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to, misleadingly, appear secure. This vulnerability affects Firefox for iOS < 133."}, {"lang": "es", "value": "Acceder a un sitio HTTP no seguro que utiliza un puerto inexistente puede provocar que el icono del candado SSL en la barra de URL de ubicaci\u00f3n parezca seguro, de manera enga\u00f1osa. Esta vulnerabilidad afecta a Firefox para iOS &lt; 133."}], "lastModified": "2025-04-04T16:19:53.597", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "155541E6-7496-41FE-BA8D-17DDE9D0F3A6", "versionEndExcluding": "133.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@mozilla.org"}