How severe is CVE-2025-14331?

CVE-2025-14331 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-14331

Name: thunderbird
Author: mozilla

6.5MEDIUM

Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

发布于: 12/9/2025更新于: 12/10/2025

描述

Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

AI分析AI驱动

受影响产品

mozillafirefox

mozillathunderbird

参考资料

https://bugzilla.mozilla.org/show_bug.cgi?id=2000218
Issue TrackingPermissions Required
https://www.mozilla.org/security/advisories/mfsa2025-92/
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2025-93/
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2025-94/
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2025-95/
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2025-96/
Vendor Advisory