How severe is CVE-2024-12224?

CVE-2024-12224 has a CVSS v3 score of 8.8 (HIGH).

CVE-2024-12224

Name: idna
Author: servo

8.8HIGH

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while ano

Published: 5/30/2025Updated: 6/25/2025

Description

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.

AI AnalysisPowered by AI

Affected Products

servoidna

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1887898
ExploitIssue Tracking
https://rustsec.org/advisories/RUSTSEC-2024-0421.html
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1887898
ExploitIssue Tracking