CVE-2025-1010
An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
Vendor
Product
CWE
Yayın Tarihi
2025-02-04 14:15:31
Güncelleme
2025-11-03 21:18:50
Source Identifier
security@mozilla.org
KEV Date Added
-
Kategoriler
Referanslar
https://bugzilla.mozilla.org/show_bug.cgi?id=1936982
https://www.mozilla.org/security/advisories/mfsa2025-07/
https://www.mozilla.org/security/advisories/mfsa2025-08/
https://www.mozilla.org/security/advisories/mfsa2025-09/
https://www.mozilla.org/security/advisories/mfsa2025-10/
https://www.mozilla.org/security/advisories/mfsa2025-11/
https://lists.debian.org/debian-lts-announce/2025/02/msg00005.html
https://lists.debian.org/debian-lts-announce/2025/02/msg00006.html