ГлавнаяУязвимости → CVE-2025-6432
8.6высокая

CVE-2025-6432

Описание

When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability was fixed in Firefox 140 and Thunderbird 140.

Затрагиваемое ПО
Mozilla Firefox
CVSS
Балл8.6 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Источники
https://bugzilla.mozilla.org/show_bug.cgi?id=1943804https://www.mozilla.org/security/advisories/mfsa2025-51/https://www.mozilla.org/security/advisories/mfsa2025-54/