vulnerability

Oracle Linux: CVE-2025-6429: ELSA-2025-10072: firefox security update (IMPORTANT) (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Jun 24, 2025	Jul 3, 2025	Jul 16, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Jun 24, 2025

Added

Jul 3, 2025

Modified

Jul 16, 2025

Description

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security checks that restricted which domains users were allowed to embed.

Solutions

oracle-linux-upgrade-firefoxoracle-linux-upgrade-firefox-x11

References

CVE-2025-6429
https://attackerkb.com/topics/CVE-2025-6429
ELSA-ELSA-2025-10072
ELSA-ELSA-2025-10073
ELSA-ELSA-2025-10074
ELSA-ELSA-2025-10181
CWE-116

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today