- Description
- Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10.
- Source
- security@mozilla.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-119
- Hype score
- Not currently trending
⚠️Múltiples vulnerabilidades en los productos de Mozilla para Red Hat ❗CVE-2025-4091 ❗CVE-2025-4087 ❗CVE-2025-4083 ❗CVE-2025-2817 ❗CVE-2025-4093 ➡️Más info: https://t.co/xIEj7nBvyC https://t.co/2Yb4UJpdb7
@CERTpy
5 May 2025
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Actualizaciones de seguridad para los productos de Mozilla ❗CVE-2025-2817 ❗CVE-2025-4092 ❗CVE-2025-4093 ❗CVE-2025-4082 ❗CVE-2025-4083 ➡️Más info: https://t.co/JJi9oHSZKG https://t.co/FTPvTHCUWL
@CERTpy
30 Apr 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4093 Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could h… https://t.co/HKYBpwWExS
@CVEnew
29 Apr 2025
234 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3378E5EE-9ABF-444B-AA88-9EAF8D8058DE",
"versionEndExcluding": "128.10"
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC19822B-CC07-4C6F-BAAD-C7A9C4E73FA9",
"versionEndExcluding": "128.10.0"
}
],
"operator": "OR"
}
]
}
]