How severe is CVE-2024-12224?

CVE-2024-12224 has a CVSS v3 score of 8.8 (HIGH).

CVE-2024-12224

Name: idna
Author: servo

8.8HIGH

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while ano

公開日: 5/30/2025更新日: 6/25/2025

説明

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.

AI分析AIによる分析

影響を受ける製品

servoidna

参照

https://bugzilla.mozilla.org/show_bug.cgi?id=1887898
ExploitIssue Tracking
https://rustsec.org/advisories/RUSTSEC-2024-0421.html
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1887898
ExploitIssue Tracking