CVE-2025-3035: By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. Please refer to the tracker for the full list of CVEs that affect all Mozilla products.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fec075b5ff949e74b807c4c880a8552cfb2d7df0 commit fec075b5ff949e74b807c4c880a8552cfb2d7df0 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2025-04-13 07:34:27 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2025-04-13 07:34:27 +0000 www-client/firefox: drop 128.8.0, 136.0.2, 136.0.3, 137.0 Bug: https://bugs.gentoo.org/953021 Signed-off-by: Joonas Niilola <juippis@gentoo.org> www-client/firefox/Manifest | 408 --------- www-client/firefox/firefox-128.8.0.ebuild | 1380 ----------------------------- www-client/firefox/firefox-136.0.2.ebuild | 1371 ---------------------------- www-client/firefox/firefox-136.0.3.ebuild | 1371 ---------------------------- www-client/firefox/firefox-137.0.ebuild | 1371 ---------------------------- 5 files changed, 5901 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=7b93b966bc2eb2e273bede1091d240dfe61b85f2 commit 7b93b966bc2eb2e273bede1091d240dfe61b85f2 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2025-05-12 08:06:29 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2025-05-12 08:06:48 +0000 [ GLSA 202505-02 ] Mozilla Firefox: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/951563 Bug: https://bugs.gentoo.org/953021 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202505-02.xml | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+)
