VDB
ANCHORE-2025-0239
ANCHORE-2025-0239
PUBLISHED
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox ESR | 0, 0, 0 |
| Mozilla | Thunderbird | 129, 0, 129 |
| Mozilla | Firefox | 0, 0, 0 |
Timeline
- Jan 7, 2025 CVE Published
- Jan 13, 2025 CVE Updated