FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Mozilla -- persistent UUID that identifies browser

Affected packages
firefox < 140.0,2
firefox-esr < 115.25.0
firefox-esr < 128.12
thunderbird < 140.0
thunderbird < 128.12

Details

VuXML ID 9320590b-58cf-11f0-b4ad-b42e991fc52e
Discovery 2025-06-24
Entry 2025-07-04

security@mozilla.org reports:

An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

[source]

References

CVE Name CVE-2025-6425
URL https://nvd.nist.gov/vuln/detail/CVE-2025-6425

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.