4 matches found
CVE-2025-6434 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2025-6434
The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...
CVE-2025-6434
CVE-2025-6434 corresponds to the HTTPS-Only exception page lacking an anti-clickjacking delay, enabling potential user trickery to grant an exception and load an HTTP page. Public sources in the provided documents indicate affected products are Mozilla Firefox and Mozilla Thunderbird, specificall...
CVE-2025-6434
The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...