exploitDog

RLSA-2025:10074

Опубликовано: 29 июл. 2025

Источник: rocky

Оценка: Important

Описание

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

firefox: Content-Disposition header ignored when a file is included in an embed or object tag (CVE-2025-6430)
firefox: Use-after-free in FontFaceSet (CVE-2025-6424)
firefox: Incorrect parsing of URLs could have allowed embedding of youtube.com (CVE-2025-6429)
firefox: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID (CVE-2025-6425)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Связанные CVE

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2374555
Red Hat - 2374555
https://bugzilla.redhat.com/show_bug.cgi?id=2374559
Red Hat - 2374559
https://bugzilla.redhat.com/show_bug.cgi?id=2374561
Red Hat - 2374561
https://bugzilla.redhat.com/show_bug.cgi?id=2374562
Red Hat - 2374562

Связанные уязвимости

ELSA-2025-10181

oracle-oval

23 дня назад

ELSA-2025-10181: firefox security update (IMPORTANT)

ELSA-2025-10074

oracle-oval

около 1 месяца назад

ELSA-2025-10074: firefox security update (IMPORTANT)

ELSA-2025-10073

oracle-oval

около 1 месяца назад

ELSA-2025-10073: firefox security update (IMPORTANT)

ELSA-2025-10072

oracle-oval

около 1 месяца назад

ELSA-2025-10072: firefox security update (IMPORTANT)

SUSE-SU-2025:02368-1

suse-cvrf

19 дней назад

Security update for MozillaThunderbird