Primary

Context

Mozilla Firefox Multi-Account Containers DNS Request SOCKS Proxy Bypass Vulnerability

Vulnerability

Patched

A vulnerability in Mozilla Firefox's Multi-Account Containers feature could have allowed DNS requests to bypass a configured SOCKS proxy. This issue arose when the domain name was invalid or the SOCKS proxy was unresponsive. The vulnerability affects Firefox versions prior to 140.

Impact

Exploitation of this vulnerability could lead to DNS requests being leaked outside of the configured SOCKS proxy, potentially exposing users to privacy risks or allowing for network traffic interception.

Remediation

Users can update to Firefox version 140 to address this vulnerability.

Added: Jun 24, 2025, 1:36 PM

Updated: Jun 24, 2025, 1:36 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.7

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.7

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox Multi-Account Containers DNS Request SOCKS Proxy Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Mozilla Firefox

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating