CVE-2025-8364
published 2025-08-19CVE-2025-8364: A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. *Note: This issue only affected…
medium4.3CVSS 3.1
AVNACLPRNUIRSUCNILAN
A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack.
*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 141.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | — | — |
| mozilla | firefox | < 141.0 | 141.0 |
| mozilla | firefox | — | — |