Количество 9
Количество 9
CVE-2025-6427
An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVE-2025-6427
An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVE-2025-6427
An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVE-2025-6427
An attacker was able to bypass the `connect-src` directive of a Conten ...
GHSA-823q-pcrj-c4xv
An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140.
BDU:2025-07652
Уязвимость механизма Content Security Policy (CSP) браузера Mozilla Firefox, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации
SUSE-SU-2025:02339-1
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
SUSE-SU-2025:02546-1
Security update for MozillaThunderbird
SUSE-SU-2025:02529-1
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-6427 An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140 and Thunderbird < 140. | CVSS3: 9.1 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-6427 An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140 and Thunderbird < 140. | CVSS3: 6.1 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-6427 An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140 and Thunderbird < 140. | CVSS3: 9.1 | 0% Низкий | около 1 месяца назад |
| CVE-2025-6427 An attacker was able to bypass the `connect-src` directive of a Conten ... | CVSS3: 9.1 | 0% Низкий | около 1 месяца назад |
| GHSA-823q-pcrj-c4xv An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140. | CVSS3: 9.1 | 0% Низкий | около 1 месяца назад |
 | BDU:2025-07652 Уязвимость механизма Content Security Policy (CSP) браузера Mozilla Firefox, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации | CVSS3: 9.1 | 0% Низкий | около 1 месяца назад |
 | SUSE-SU-2025:02339-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE | 20 дней назад | ||
| SUSE-SU-2025:02546-1 Security update for MozillaThunderbird | 7 дней назад | ||
| SUSE-SU-2025:02529-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE | 12 дней назад |
Уязвимостей на страницу