Vulnerability CVE-2025-1939: Information

Description

Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox < 136.

URL: https://nvd.nist.gov/vuln/detail/CVE-2025-1939
Published: March 4, 2025
Modified: March 5, 2025

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus136.0-alt1136.0.2-alt1ALT-PU-2025-4104-2376916Fixed
firefoxsisyphus_loongarch64136.0.1-alt0.port136.0.1-alt0.portALT-PU-2025-4467-1-Fixed
firefoxp11136.0.2-alt1135.0.1-alt1ALT-PU-2025-4567-1378599Testing

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1928334
    https://www.mozilla.org/security/advisories/mfsa2025-14/
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v25.2.1
      Back to top