/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-jx3g-34f8-cg42

Published

Last updated

https://images.chainguard.dev/security/CGA-jx3g-34f8-cg42
Package

firefox

RepositoryWolfi
Latest Update
Not affected
Aliases
  • CVE-2011-3389
  • GHSA-rhch-pcq2-7gp3

Severity

Unknown

References

  • https://nvd.nist.gov/vuln/detail/CVE-2011-3389
  • https://github.com/advisories/GHSA-rhch-pcq2-7gp3

Updates

Status

Not affected

Justification

Vulnerable code not present

Impact

Firefox claimed on September 27, 2011 that Firefox itself is not vulnerable to this attack. While Firefox does use TLS 1.0 (the version of TLS with this weakness), the technical details of the attack require the ability to completely control the content of connections originating in the browser which Firefox does not allow. More details can be found here: https://blog.mozilla.org/security/2011/09/27/attack-against-tls-protected-communications/

Status

Under investigation

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSGolden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsChainguard CoursesDocumentationTrust Center

Company

About UsBlogPartnersNewsroomCareersLegal