CVE-2023-25731
Summary
| CVE | CVE-2023-25731 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-06-02 17:15:00 UTC |
| Updated | 2023-06-08 15:47:00 UTC |
| Description | Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Vulnerabilities fixed in Firefox 110 — Mozilla | MISC | www.mozilla.org | |
| Access Denied | MISC | bugzilla.mozilla.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 199184 Ubuntu Security Notification for Firefox Vulnerabilities (USN-5880-1)
- 354801 Amazon Linux Security Advisory for thunderbird : ALAS2-2023-1983
- 356258 Amazon Linux Security Advisory for firefox : ALASFIREFOX-2023-007
- 356471 Amazon Linux Security Advisory for firefox : ALAS2FIREFOX-2023-007
- 377975 Mozilla Firefox Multiple Vulnerabilities (MFSA2023-05)
- 710739 Gentoo Linux Mozilla Firefox Multiple Vulnerabilities (GLSA 202305-35)