CVE-2022-29910

Summary

When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.<br>Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 100.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 100affected

Weaknesses

  • Firefox for Android forgot HTTP Strict Transport Security settings

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References