{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-1012", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-02-04T07:26:31.830Z", "datePublished": "2025-02-04T13:58:53.687Z", "dateUpdated": "2026-04-13T14:25:14.718Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "115.20", "lessThanOrEqual": "115.*", "versionType": "rpm"}, {"status": "unaffected", "version": "128.7", "lessThanOrEqual": "128.*", "versionType": "rpm"}, {"status": "unaffected", "version": "135", "lessThanOrEqual": "*", "versionType": "rpm"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "128.7", "lessThanOrEqual": "128.*", "versionType": "rpm"}, {"status": "unaffected", "version": "135", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "A race during concurrent delazification could have led to a use-after-free. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "A race during concurrent delazification could have led to a use-after-free. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135."}]}], "title": "Use-after-free during concurrent delazification", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1939710"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-07/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-08/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-09/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-10/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-11/"}], "credits": [{"lang": "en", "value": "Nils Bars"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:25:14.718Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-416", "lang": "en", "description": "CWE-416 Use After Free"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-05T16:01:27.330301Z", "id": "CVE-2025-1012", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T16:02:50.164Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00006.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00005.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:56:54.541Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00006.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00005.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:56:54.541Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-1012", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-05T16:01:27.330301Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T16:02:39.735Z"}}], "cna": {"title": "Use-after-free during concurrent delazification", "credits": [{"lang": "en", "value": "Nils Bars"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "unaffected", "version": "115.20", "versionType": "rpm", "lessThanOrEqual": "115.*"}, {"status": "unaffected", "version": "128.7", "versionType": "rpm", "lessThanOrEqual": "128.*"}, {"status": "unaffected", "version": "135", "versionType": "rpm", "lessThanOrEqual": "*"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "unaffected", "version": "128.7", "versionType": "rpm", "lessThanOrEqual": "128.*"}, {"status": "unaffected", "version": "135", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1939710"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-07/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-08/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-09/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-10/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-11/"}], "descriptions": [{"lang": "en", "value": "A race during concurrent delazification could have led to a use-after-free. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.", "supportingMedia": [{"type": "text/html", "value": "A race during concurrent delazification could have led to a use-after-free. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:25:14.718Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1012", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:25:14.718Z", "dateReserved": "2025-02-04T07:26:31.830Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-02-04T13:58:53.687Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "9D052B41-C615-4037-B188-59F57CDEFBF8", "versionEndExcluding": "115.20.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "matchCriteriaId": "C08017D5-BBC7-4E01-92D2-CE2E2ED9453A", "versionEndExcluding": "135.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "B58365E6-5BBF-44CA-97A6-502D35489964", "versionEndExcluding": "128.7.0", "versionStartIncluding": "128.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*", "matchCriteriaId": "F8E84F18-A04E-4E18-8AB6-16EB629F7C84", "versionEndExcluding": "135.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*", "matchCriteriaId": "0504330C-A82A-4E1E-9774-38CCB3DF8D92", "versionEndExcluding": "128.7.0", "versionStartIncluding": "128.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A race during concurrent delazification could have led to a use-after-free. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135."}, {"lang": "es", "value": "Una ejecuci\u00f3n durante la delazificaci\u00f3n simult\u00e1nea podr\u00eda haber dado lugar a un uso despu\u00e9s de la liberaci\u00f3n. Esta vulnerabilidad afecta a Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, y Thunderbird < 135. "}], "id": "CVE-2025-1012", "lastModified": "2026-04-13T15:16:49.693", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-02-04T14:15:32.000", "references": [{"source": "security@mozilla.org", "tags": ["Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1939710"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-08/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00005.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00006.html"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:1132", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "firefox-0:128.7.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1283", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:128.7.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-02-11T00:00:00Z"}, {"advisory": "RHSA-2025:1292", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:128.7.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-02-11T00:00:00Z"}, {"advisory": "RHSA-2025:1133", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "firefox-0:128.7.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1348", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "thunderbird-0:128.7.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1135", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "firefox-0:128.7.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1339", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "thunderbird-0:128.7.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1135", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "firefox-0:128.7.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1339", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "thunderbird-0:128.7.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1135", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "firefox-0:128.7.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1339", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "thunderbird-0:128.7.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1136", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "firefox-0:128.7.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1341", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "thunderbird-0:128.7.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1136", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "firefox-0:128.7.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1341", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "thunderbird-0:128.7.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1136", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "firefox-0:128.7.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1341", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "thunderbird-0:128.7.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1137", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "firefox-0:128.7.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1340", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "thunderbird-0:128.7.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1066", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:128.7.0-1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-02-05T00:00:00Z"}, {"advisory": "RHSA-2025:1184", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:128.7.0-1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-02-10T00:00:00Z"}, {"advisory": "RHSA-2025:1138", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "firefox-0:128.7.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1319", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "thunderbird-0:128.7.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-02-11T00:00:00Z"}, {"advisory": "RHSA-2025:1139", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "firefox-0:128.7.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1317", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "thunderbird-0:128.7.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-02-11T00:00:00Z"}, {"advisory": "RHSA-2025:1140", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "firefox-0:128.7.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1318", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "thunderbird-0:128.7.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-02-11T00:00:00Z"}], "bugzilla": {"description": "firefox: thunderbird: Use-after-free during concurrent delazification", "id": "2343765", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343765"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["A race during concurrent delazification could have led to a use-after-free. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.", "A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A race during concurrent delazification could have led to a use-after-free."], "name": "CVE-2025-1012", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "firefox-flatpak-container", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "thunderbird-flatpak-container", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "firefox-flatpak-container", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "thunderbird-flatpak-container", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-04T13:58:53Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-1012\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-1012\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1939710\nhttps://www.mozilla.org/security/advisories/mfsa2025-07/\nhttps://www.mozilla.org/security/advisories/mfsa2025-08/\nhttps://www.mozilla.org/security/advisories/mfsa2025-09/\nhttps://www.mozilla.org/security/advisories/mfsa2025-10/\nhttps://www.mozilla.org/security/advisories/mfsa2025-11/"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-22T04:17:58.669006+00:00", "value": {"mitigation_remediation": ["Upgrade to Firefox\u00a0135 or later, or to Firefox\u00a0ESR\u00a0115.20/128.7, and to Thunderbird\u00a0128.7 or 135 to apply the fix.", "If an update is not yet available, keep the browsers at the most recent security\u2011patched release level and limit exposure by avoiding untrusted web content and disabling questionable extensions.", "Monitor vendor security advisories for any further patches or related concurrency fixes and apply them promptly."], "summary": {"action": "Patch Immediately", "impact": "Use-After-Free (Potential for memory corruption)"}, "threat_synthesis": {"affected_systems": "Mozilla Firefox versions up to 134 (including all Standard and ESR editions below 115.20 and below 128.7) and Mozilla Thunderbird versions below 128.7 and 135. The affected binaries are also distributed in several Red\u202fHat Enterprise Linux environments, notably versions\u202f8 and\u202f9 and their extended service releases (AUS, EUS, TUS, ELS).", "description_and_impact": "A race condition that occurs during concurrent delazification can trigger a use\u2011after\u2011free in the rendering engine. This flaw permits the application to access memory that has already been freed, which could lead to memory corruption or unintended data modification. The vulnerability is classified as a memory\u2011management defect, identified by CWE\u2011416.", "risk_and_exploitability": "The CVSS score of 9.8 signals a critical severity. The EPSS score is under 1\u202f%, indicating that exploitation activity has been very low so far, and the vulnerability is not listed in the CISA KEV catalog. The description does not detail a usable exploit or a confirmed attack vector, so the risk remains theoretical but the potential impact would be high if exploited."}}}}, "created": "2026-04-22T04:30:05.312183+00:00", "updated": "2026-04-22T04:30:05.312195+00:00", "vendors": []}