CNNVD-202512-1551 Information
CNNVD ID
CNNVD-202512-1551
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 146之前版本、Firefox ESR 115.31之前版本和140.6之前版本存在访问控制错误漏洞,该漏洞源于Request Handling组件存在同源策略绕过问题,可能导致安全限制失效。
Description (English)
Mozilla Firefox is an open-source Web browser for the Mozilla Foundation in the United States. Pre-Mozilla Firefox 146, pre-Firefox ESR 115.31 and pre-140.6 have access control bugs, which stem from the co-source overuse of the Request Handling component, which may result in security restrictions being rendered ineffective.
Hazard Level
High
Vulnerability Type
访问控制错误
Affected Vendor
Mozilla
Published
2025-12-09
Last Modified
2026-02-24
References
https://www.mozilla.org/security/advisories/mfsa2025-93/ https://www.mozilla.org/security/advisories/mfsa2025-94/ https://www.mozilla.org/security/advisories/mfsa2025-95/ https://www.mozilla.org/security/advisories/mfsa2025-96/ https://bugzilla.mozilla.org/show_bug.cgi?id=2000218 https://www.mozilla.org/security/advisories/mfsa2025-92/