CVE-2025-14331
6.5MEDIUMSame-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
Veröffentlicht: 12/9/2025Aktualisiert: 12/10/2025
Beschreibung
Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
KI-AnalyseKI-gestützt
Betroffene Produkte
mozillafirefox
mozillafirefox
mozillafirefox
mozillathunderbird
mozillathunderbird
Referenzen
- https://bugzilla.mozilla.org/show_bug.cgi?id=2000218Issue TrackingPermissions Required
- https://www.mozilla.org/security/advisories/mfsa2025-92/Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2025-93/Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2025-94/Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2025-95/Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2025-96/Vendor Advisory