Security Advisory

CVE-2024-12224

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-30 01:16:47

Last updated 2025-05-30 12:46:56

Assigner mozilla

State PUBLISHED

Description

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname.

← Browse all CVEs View on cve.org ↗