- Description
- A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability affects Firefox < 137.0.2.
- Source
- security@mozilla.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 4.2
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-362
- Hype score
- Not currently trending
🛠️ Firefox 137.0.2 drops a critical patch for CVE-2025-3608 — a race condition in nsHttpTransaction that could trigger memory corruption & code execution. 🧠 Found by Mozilla’s Fuzzing Team. 🚫 Not exploited yet. ✅ Risk: High. Update now. 🔁 Browser threads fighting over h
@CareWeDoNot
16 Apr 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Firefox 137.0.2 & Thunderbird updates fix high-severity bugs: - CVE-2025-3608: memory corruption via race condition - CVE-2025-3522 & 2830: info exposure via malformed URLs/files Update now to stay protected! https://t.co/YJZSx39lZI #infosec #firefox https://t.co/
@dCypherIO
16 Apr 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Firefoxが高深刻度の脆弱性を修正。CVE-2025-3608はnsHttpTransactionにおける競合状態の脆弱性で、メモリ破壊の可能性あり。組織内のファジングチームによる発見。 https://t.co/hy1917hrB9
@__kokumoto
16 Apr 2025
1769 Impressions
5 Retweets
36 Likes
4 Bookmarks
0 Replies
0 Quotes
(CVE-2025-3608)[1951554]Race condition in nsHttpTransaction::mConnInfo(exploitable condition) https://t.co/Ocl0rMOtnA https://t.co/n06lR4VR1m
@xvonfers
16 Apr 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-3608 ❓ 🏢 Mozilla - Firefox 🏗️ unspecified 🔗 https://t.co/vZOXUFegTZ 🔗 https://t.co/MzD6S9NC2G 🔗 https://t.co/NpZBEN8DRx #CyberCron #VulnAlert #InfoSec https://t.co/mkNMfHHQGw
@cybercronai
15 Apr 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3608 A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerabi… https://t.co/1LcZgcGeFn
@CVEnew
15 Apr 2025
278 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95227E2D-E67B-4837-86BB-C031F0E0BE64",
"versionEndExcluding": "137.0.2"
}
],
"operator": "OR"
}
]
}
]