Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs This vulnerability affects Firefox for iOS < 143.1.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 30 Sep 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-359 | |
Metrics |
cvssV3_1
|
Tue, 30 Sep 2025 13:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs This vulnerability affects Firefox for iOS < 143.1. | |
References |
|

Status: PUBLISHED
Assigner: mozilla
Published:
Updated: 2025-09-30T13:38:50.570Z
Reserved: 2025-09-22T18:14:38.909Z
Link: CVE-2025-10859

Updated: 2025-09-30T13:38:09.641Z

Status : Received
Published: 2025-09-30T13:15:48.550
Modified: 2025-09-30T14:15:37.667
Link: CVE-2025-10859

No data.

No data.