First published: Tue Feb 14 2023(Updated: )
When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox < 110.
Credit: security@mozilla.org security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox | <110 | 110 |
Mozilla Firefox | <110.0 | |
ubuntu/firefox | <110.0+ | 110.0+ |
ubuntu/firefox | <110.0+ | 110.0+ |
ubuntu/firefox | <110.0-1 | 110.0-1 |
debian/firefox | 129.0-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID for this security concern is CVE-2023-25741.
This vulnerability affects Mozilla Firefox versions below 110.
The severity of CVE-2023-25741 is low.
This vulnerability could potentially leak the size of an image when dragging and dropping it cross-origin, leading to a security concern.
To fix CVE-2023-25741, update Mozilla Firefox to version 110 or higher.