Google Firebase Javascript Sdk
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Google Firebase Javascript Sdk.
By the Year
In 2026 there have been 0 vulnerabilities in Google Firebase Javascript Sdk. Firebase Javascript Sdk did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 6.10 |
It may take a day or so for new Firebase Javascript Sdk vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Google Firebase Javascript Sdk Security Vulnerabilities
Firebase JavaScript SDK Session Hijacking via Cookie Manipulation
CVE-2024-11023
6.1 - Medium
- November 18, 2024
Firebase JavaScript SDK utilizes a "FIREBASE_DEFAULTS" cookie to store configuration data, including an "_authTokenSyncURL" field used for session synchronization. If this cookie field is preset via an attacker by any other method, the attacker can manipulate the "_authTokenSyncURL" to point to their own server and it would allow an actor to capture user session data transmitted by the SDK. We recommend upgrading Firebase JS SDK at least to 10.9.0.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Google Firebase Javascript Sdk or by Google? Click the Watch button to subscribe.
