Vulnerability CVE-2025-1940: Information

Description

A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user in to launching an external app unexpectedly. *This issue only affects Android versions of Firefox.* This vulnerability affects Firefox < 136.

URL: https://nvd.nist.gov/vuln/detail/CVE-2025-1940
Published: March 4, 2025
Modified: March 4, 2025

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus136.0-alt1136.0.2-alt1ALT-PU-2025-4104-2376916Fixed
firefoxsisyphus_loongarch64136.0.1-alt0.port136.0.1-alt0.portALT-PU-2025-4467-1-Fixed
firefoxp11136.0.2-alt1135.0.1-alt1ALT-PU-2025-4567-1378599Testing

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1908488
    https://www.mozilla.org/security/advisories/mfsa2025-14/
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v25.2.1
      Back to top