How severe is CVE-2024-12224?

CVE-2024-12224 has a CVSS v3 score of 8.8 (HIGH).

CVE-2024-12224

Name: idna
Author: servo

8.8HIGH

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while ano

发布于: 5/30/2025更新于: 6/25/2025

描述

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.

AI分析AI驱动

受影响产品

servoidna

参考资料

https://bugzilla.mozilla.org/show_bug.cgi?id=1887898
ExploitIssue Tracking
https://rustsec.org/advisories/RUSTSEC-2024-0421.html
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1887898
ExploitIssue Tracking