CVE-2025-0238

Description

Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird ESR < 128.6.

References

https://www.mozilla.org/security/advisories/mfsa2025-05/

https://www.mozilla.org/security/advisories/mfsa2025-04/

https://www.mozilla.org/security/advisories/mfsa2025-03/

https://www.mozilla.org/security/advisories/mfsa2025-02/

https://www.mozilla.org/security/advisories/mfsa2025-01/

https://bugzilla.mozilla.org/show_bug.cgi?id=1915535

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3