Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-6431

Опубликовано: 24 июн. 2025
Источник: redhat
CVSS3: 3.4

Описание

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 140.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10firefoxNot affected
Red Hat Enterprise Linux 10rhel10/firefox-flatpakNot affected
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 8firefoxNot affected
Red Hat Enterprise Linux 9firefoxNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=2374564firefox: The prompt in Firefox for Android that asks before opening a link in an external application could be bypassed

3.4 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-6431

CVSS3: 6.5
ubuntu
около 1 месяца назад

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

nvd логотип

CVE-2025-6431

CVSS3: 6.5
nvd
около 1 месяца назад

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

debian логотип

CVE-2025-6431

CVSS3: 6.5
debian
около 1 месяца назад

When a link can be opened in an external application, Firefox for Andr ...

github логотип

GHSA-jh8f-wj26-59hv

CVSS3: 6.5
github
около 1 месяца назад

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

3.4 Low

CVSS3