
Find real vulnerabilities before they ship
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139.
Base Score
7.5| Base Score | 7.5 |
|---|---|
| Vector String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Base Severity | High |
| Version | 3.1 |
| Attack Vector (AV) | NETWORK |