CNNVD-202506-3080 Information

CNNVD ID

CNNVD-202506-3080

Related CVE

CVE-2025-6434

• CNNVD Published: 2025-06-24

Description (Chinese)

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 140之前版本存在安全漏洞，该漏洞源于HTTPS-Only功能异常页面缺少反点击劫持延迟，可能导致用户被诱骗加载HTTP网页。

Description (English)

Mozilla Firefox is an open-source Web browser for the Mozilla Foundation in the United States. There was a security loophole in the previous version of Mozilla Firefox 140, which resulted from the lack of counter-click hijacking delays on the HTTPS-Only feature anomaly page, which could lead to users being lured into loading the HTTP page.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mozilla

Published

2025-06-24

Last Modified

2026-02-24

References

https://www.mozilla.org/security/advisories/mfsa2025-51/ https://bugzilla.mozilla.org/show_bug.cgi?id=1955182 https://www.mozilla.org/security/advisories/mfsa2025-54/

Patch

https://www.mozilla.org/en-US/firefox/140.0/releasenotes/