What the vulnerability does

01Description

A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on devices without user approval.

Key dates

02Disclosure timeline

May 17, 2021 CVE published
August 7, 2024 Record updated