Description A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.
CVSS vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Exploitability: 3.9 | Impact: 2.5 Attack Vector: Network
Complexity: Low
Privileges: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None
Affected Packages4 packages
🔴 Vulnerability Details4 OSV firefox vulnerabilities ↗ 2025-02-11 ▶ CVEList Potential opening of private browsing tabs in normal browsing windows ↗ 2025-02-04 ▶ OSV CVE-2025-1013: A race condition could have led to private browsing tabs being opened in normal browsing windows ↗ 2025-02-04 ▶ GHSA GHSA-3pgx-69pv-46wx: A race condition could have led to private browsing tabs being opened in normal browsing windows ↗ 2025-02-04 ▶
📋 Vendor Advisories9 Ubuntu Thunderbird vulnerabilities ↗ 2025-07-22 ▶ Ubuntu Firefox vulnerabilities ↗ 2025-02-11 ▶ Red Hat firefox: thunderbird: Potential opening of private browsing tabs in normal browsing windows ↗ 2025-02-04 ▶ Debian CVE-2025-1013: firefox - A race condition could have led to private browsing tabs being opened in normal ... ↗ 2025 ▶ Microsoft Unixodbc: out of bounds stack write due to pointer-to-integer types conversion ↗ 2024-03-12 ▶ Show 4 more