Mozilla Vpn
4 CVEs affecting Mozilla Vpn. Latest disclosed: 2025-06-11. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-5687 | High | 7.8 | 2025-06-11 | A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. *This bug only affects Mozilla VPN on macOS. Other operating sy… |
CVE-2022-0517 | High | 7.8 | 2022-12-22 | Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitr… |
CVE-2020-15679 | High | 7.6 | 2022-12-22 | An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that… |
CVE-2023-4104 | Medium | 5.5 | 2023-09-11 | An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *Thi… |