CVE-2023-4055

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-4055
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4055.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-4055
Downstream
Related
Published
2023-08-01T16:15:09Z
Modified
2025-08-09T20:01:26Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

When the number of cookies per domain was exceeded in document.cookie, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

References

Affected packages