CVE-2025-6434 in Firefoxالمعلومات

الملخص

بحسب MITRE • 24/06/2025

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

مسؤول

Mozilla

حجز

20/06/2025

إفشاء

24/06/2025

الاعتدال

تمت الموافقة

إدخال

VDB-313761

EPSS

0.00227

KEV

لا

النشاطات

منخفض جدًا

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!