First published: Tue Feb 04 2025(Updated: )
Last updated 11 February 2025
Credit: security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/firefox | 135.0-1 | |
Thunderbird | <135 | 135 |
Firefox | <135.0 | |
Thunderbird | >=131.0<135.0 | |
Firefox | <135 | 135 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2025-1019 has a medium severity rating due to its potential to enable spoofing attacks.
To mitigate CVE-2025-1019, users should upgrade to the latest version of Mozilla Thunderbird or Firefox beyond version 135.
CVE-2025-1019 exploits the manipulation of the z-order of browser windows to hide fullscreen notifications.
CVE-2025-1019 affects users of Mozilla Thunderbird and Mozilla Firefox versions prior to 135.
Yes, CVE-2025-1019 can potentially lead to security breaches through spoofing attacks.