CVE-2025-10859_CVE-2025-10859

4 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs This vulnerability affects Firefox for iOS < 143.1.

Basic Information

ID CVE-2025-10859

Source mozilla

Published Sep 30, 2025 at 12:49

Modified Sep 30, 2025 at 13:38

Affected Product

Vendor Mozilla

Product Firefox for iOS

Version unspecified

Affected Versions Mozilla Firefox for iOS unspecified

CWE Classification

CWE-359

References

{
    "lastseen": "",
    "description": "Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs This vulnerability affects Firefox for iOS < 143.1.",
    "published": "2025-09-30T12:49:07.059Z",
    "modified": "2025-09-30T13:38:50.570Z",
    "type": "cve",
    "title": "CVE-2025-10859",
    "source": "mozilla",
    "references": "https://bugzilla.mozilla.org/show_bug.cgi?id=1684624\nhttps://www.mozilla.org/security/advisories/mfsa2025-79/",
    "id": "CVE-2025-10859",
    "bulletinFamily": "",
    "cwe": [
        "CWE-359"
    ],
    "cvelist": null,
    "sourceData": "Mozilla Firefox for iOS unspecified",
    "sourceHref": "",
    "cvss": {
        "score": 4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Firefox for iOS",
    "version": "unspecified",
    "vendor": "Mozilla",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}