CVE-2025-1936 - Mozilla Firefox ZIP Archive File Inclusion Vulnerability
CVE ID : CVE-2025-1936 Published : March 4, 2025, 2:15 p.m. | 2 hours, 44 minutes ago Description : jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image. This vulnerability affects Firefox Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-1936
Published : March 4, 2025, 2:15 p.m. | 2 hours, 44 minutes ago
Description : jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image. This vulnerability affects Firefox Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : March 4, 2025, 2:15 p.m. | 2 hours, 44 minutes ago
Description : jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image. This vulnerability affects Firefox Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
