{"api_version":"1","generated_at":"2026-04-23T13:17:02+00:00","cve":"CVE-2025-6429","urls":{"html":"https://cve.report/CVE-2025-6429","api":"https://cve.report/api/cve/CVE-2025-6429.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-6429","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-6429"},"summary":{"title":"Incorrect parsing of URLs could have allowed embedding of youtube.com","description":"Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag.  This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.","state":"PUBLISHED","assigner":"mozilla","published_at":"2025-06-24 13:15:23","updated_at":"2026-04-13 15:17:07"},"problem_types":["CWE-116","CWE-116 CWE-116 Improper Encoding or Escaping of Output"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"}}],"references":[{"url":"https://www.mozilla.org/security/advisories/mfsa2025-53/","name":"https://www.mozilla.org/security/advisories/mfsa2025-53/","refsource":"security@mozilla.org","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-51/","name":"https://www.mozilla.org/security/advisories/mfsa2025-51/","refsource":"security@mozilla.org","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-54/","name":"https://www.mozilla.org/security/advisories/mfsa2025-54/","refsource":"security@mozilla.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-55/","name":"https://www.mozilla.org/security/advisories/mfsa2025-55/","refsource":"security@mozilla.org","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970658","name":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970658","refsource":"security@mozilla.org","tags":["Permissions Required"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://lists.debian.org/debian-lts-announce/2025/06/msg00029.html","name":"https://lists.debian.org/debian-lts-announce/2025/06/msg00029.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00002.html","name":"https://lists.debian.org/debian-lts-announce/2025/07/msg00002.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-6429","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6429","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Mozilla","product":"Firefox","version":"unaffected 128.12 128.* rpm","platforms":[]},{"source":"CNA","vendor":"Mozilla","product":"Firefox","version":"unaffected 140 * rpm","platforms":[]},{"source":"CNA","vendor":"Mozilla","product":"Thunderbird","version":"unaffected 128.12 128.* rpm","platforms":[]},{"source":"CNA","vendor":"Mozilla","product":"Thunderbird","version":"unaffected 140 * rpm","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Masato Kinugawa","lang":"en"}],"nvd_cpes":[{"cve_year":"2025","cve_id":"6429","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mozilla","cpe5":"firefox","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"6429","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mozilla","cpe5":"firefox","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esr","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2025","cve_id":"6429","cve":"CVE-2025-6429","epss":"0.001190000","percentile":"0.308050000","score_date":"2026-04-15","updated_at":"2026-04-16 00:13:56"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"}},{"other":{"content":{"id":"CVE-2025-6429","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-06-25T14:21:21.354270Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-116","description":"CWE-116 Improper Encoding or Escaping of Output","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-06-25T14:28:51.535Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"providerMetadata":{"dateUpdated":"2025-11-03T20:07:03.248Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00002.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/06/msg00029.html"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"Firefox","vendor":"Mozilla","versions":[{"lessThanOrEqual":"128.*","status":"unaffected","version":"128.12","versionType":"rpm"},{"lessThanOrEqual":"*","status":"unaffected","version":"140","versionType":"rpm"}]},{"product":"Thunderbird","vendor":"Mozilla","versions":[{"lessThanOrEqual":"128.*","status":"unaffected","version":"128.12","versionType":"rpm"},{"lessThanOrEqual":"*","status":"unaffected","version":"140","versionType":"rpm"}]}],"credits":[{"lang":"en","value":"Masato Kinugawa"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an <code>embed</code> tag.  This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12."}],"value":"Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag.  This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12."}],"providerMetadata":{"dateUpdated":"2026-04-13T14:30:42.931Z","orgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","shortName":"mozilla"},"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970658"},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-51/"},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-53/"},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-54/"},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-55/"}],"title":"Incorrect parsing of URLs could have allowed embedding of youtube.com"}},"cveMetadata":{"assignerOrgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","assignerShortName":"mozilla","cveId":"CVE-2025-6429","datePublished":"2025-06-24T12:28:00.819Z","dateReserved":"2025-06-20T14:51:34.184Z","dateUpdated":"2026-04-13T14:30:42.931Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2025-06-24 13:15:23","lastModifiedDate":"2026-04-13 15:17:07","problem_types":["CWE-116","CWE-116 CWE-116 Improper Encoding or Escaping of Output"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*","versionEndExcluding":"128.12.0","matchCriteriaId":"18420C6D-A5DF-41A4-8A81-F1BBFBA1BE2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*","versionEndExcluding":"140.0","matchCriteriaId":"77D2BF2A-26A3-4664-93B5-B41BCF17AC9E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"6429","Ordinal":"1","Title":"Incorrect parsing of URLs could have allowed embedding of youtub","CVE":"CVE-2025-6429","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"6429","Ordinal":"1","NoteData":"Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag.  This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.","Type":"Description","Title":"Incorrect parsing of URLs could have allowed embedding of youtub"}]}}}