CVE-2025-0245
LOWDescription
Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed. This vulnerability was fixed in Firefox 134.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| mozilla | firefox |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2025-0245? +
How severe is CVE-2025-0245? +
What products are affected by CVE-2025-0245? +
How do I check if I'm vulnerable to CVE-2025-0245? +
Related Vulnerabilities
Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised …
ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is …
When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result …
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. …
Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and …
An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was …