CVE-2025-3030

Published Apr 1, 2025

Last updated 3 months ago

CVSS high 8.1

Overview

Description
Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.
Source
security@mozilla.org
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.1
Impact score
5.9
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-416

Social media

Hype score
Not currently trending

  1. CVE-2025-3030 Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we pre… https://t.co/nDN2tfs0pY

    @CVEnew

    5 Apr 2025

    255 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [SECURITY] [DSA 5891-1] thunderbird security update CVE-2025-3028 CVE-2025-3029 CVE-2025-3030 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code https://t.co/nWEpNA5pct

    @_CYOPS

    4 Apr 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.