Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-6434

Опубликовано: 24 июн. 2025
Источник: nvd
CVSS3: 4.3
EPSS Низкий

Описание

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
Версия до 140.0 (исключая)

EPSS

Процентиль: 7%
0.00032
Низкий

4.3 Medium

CVSS3

Дефекты

CWE-1021

Связанные уязвимости

ubuntu логотип

CVE-2025-6434

CVSS3: 4.3
ubuntu
23 дня назад

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140.

redhat логотип

CVE-2025-6434

CVSS3: 3.4
redhat
23 дня назад

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140.

debian логотип

CVE-2025-6434

CVSS3: 4.3
debian
23 дня назад

The exception page for the HTTPS-Only feature, displayed when a websit ...

github логотип

GHSA-87mm-rg9r-h8wm

CVSS3: 4.3
github
21 день назад

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140.

fstec логотип

BDU:2025-07647

CVSS3: 4.3
fstec
24 дня назад

Уязвимость режима HTTPS-Only Mode браузера Mozilla Firefox, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)

EPSS

Процентиль: 7%
0.00032
Низкий

4.3 Medium

CVSS3

Дефекты

CWE-1021