CNNVD-202506-3076 Information

CNNVD ID

CNNVD-202506-3076

Related CVE

CVE-2025-6435

• CNNVD Published: 2025-06-24

Description (Chinese)

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 140之前版本存在安全漏洞，该漏洞源于Devtools网络标签保存响应时未使用.download扩展名，可能导致用户误运行恶意可执行文件。

Description (English)

Mozilla Firefox is an open-source Web browser for the Mozilla Foundation in the United States. A security loophole existed in the previous version of Mozilla Firefox 140, which resulted from the failure to use the .download extension when the Devtools network tags were saved.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mozilla

Published

2025-06-24

Last Modified

2026-02-24

References

https://www.mozilla.org/security/advisories/mfsa2025-51/ https://www.mozilla.org/security/advisories/mfsa2025-54/ https://bugzilla.mozilla.org/show_bug.cgi?id=1961777 https://bugzilla.mozilla.org/show_bug.cgi?id=1950056

Patch

https://www.mozilla.org/en-US/firefox/140.0/releasenotes/