{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-10532", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-09-16T06:48:42.913Z", "datePublished": "2025-09-16T12:26:36.188Z", "dateUpdated": "2026-04-13T14:28:17.996Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "140.3", "lessThanOrEqual": "140.*", "versionType": "rpm"}, {"status": "unaffected", "version": "143", "lessThanOrEqual": "*", "versionType": "rpm"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "140.3", "lessThanOrEqual": "140.*", "versionType": "rpm"}, {"status": "unaffected", "version": "143", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3."}]}], "title": "Incorrect boundary conditions in the JavaScript: GC component", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979502"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-73/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-75/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-77/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-78/"}], "credits": [{"lang": "en", "value": "Gary Kwong"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:28:17.996Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-754", "lang": "en", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-09-17T17:10:59.315985Z", "id": "CVE-2025-10532", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-17T17:11:04.581Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00026.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00020.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T18:08:33.712Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00026.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00020.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T18:08:33.712Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-10532", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-17T17:10:59.315985Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-17T17:10:37.801Z"}}], "cna": {"title": "Incorrect boundary conditions in the JavaScript: GC component", "credits": [{"lang": "en", "value": "Gary Kwong"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "unaffected", "version": "140.3", "versionType": "rpm", "lessThanOrEqual": "140.*"}, {"status": "unaffected", "version": "143", "versionType": "rpm", "lessThanOrEqual": "*"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "unaffected", "version": "140.3", "versionType": "rpm", "lessThanOrEqual": "140.*"}, {"status": "unaffected", "version": "143", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979502"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-73/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-75/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-77/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-78/"}], "descriptions": [{"lang": "en", "value": "Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.", "supportingMedia": [{"type": "text/html", "value": "Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:28:17.996Z"}}}, "cveMetadata": {"cveId": "CVE-2025-10532", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:28:17.996Z", "dateReserved": "2025-09-16T06:48:42.913Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-09-16T12:26:36.188Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "277CA9C0-BD77-46D8-8191-F54598F7F47B", "versionEndExcluding": "140.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "matchCriteriaId": "6071B71C-B967-45B9-8CA4-1CB0A9E24D1A", "versionEndExcluding": "143.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A5AA31F-5E87-4759-9E8B-D12A91F10CFE", "versionEndExcluding": "140.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FA9EF30-CE04-4A16-8083-E3A773AF2AB8", "versionEndExcluding": "143.0", "versionStartIncluding": "141.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3."}], "id": "CVE-2025-10532", "lastModified": "2026-04-13T15:16:36.677", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-09-16T13:15:47.067", "references": [{"source": "security@mozilla.org", "tags": ["Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979502"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-73/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-75/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-77/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-78/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00026.html"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:16109", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "firefox-0:140.3.0-1.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-09-17T00:00:00Z"}, {"advisory": "RHSA-2025:16108", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:140.3.0-1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-09-17T00:00:00Z"}], "bugzilla": {"description": "firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component", "id": "2395754", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395754"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-125", "details": ["No description is available for this CVE."], "name": "CVE-2025-10532", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rhel10/firefox-flatpak", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rhel10/thunderbird-flatpak", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-16T12:26:36Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-10532\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-10532\nhttps://www.mozilla.org/security/advisories/mfsa2025-75/#CVE-2025-10532\nhttps://www.mozilla.org/security/advisories/mfsa2025-78/#CVE-2025-10532"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-20T17:57:44.072343+00:00", "value": {"mitigation_remediation": ["Upgrade to Firefox 143 or newer (or Firefox ESR 140.3 or newer) and to Thunderbird 143 or newer (or Thunderbird ESR 140.3 or newer) to receive the corrected garbage collector;", "If an upgrade cannot be performed immediately, consider disabling or limiting JavaScript execution in the affected applications as a temporary mitigation, keeping in mind that this may affect normal functionality.", "Stay informed of further security notices from Mozilla and apply subsequent patches promptly once they are released."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The flaw affects Mozilla Firefox and Thunderbird, impacting all releases up to but not including Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3. Systems running any prior versions remain vulnerable while those on the specified or newer updates are safe.", "description_and_impact": "Mozilla\u2019s JavaScript garbage collector contains an incorrect boundary check that can cause an out\u2011of\u2011bounds read (CWE\u2011125) or buffer under\u2011read (CWE\u2011754). An attacker who can cause the garbage collector to process crafted data may trigger a crash in the rendering or email process, leading to a denial of service and potential loss of availability for the affected user. The vulnerability does not enable code execution or data disclosure, but the stability impact of a crash is significant for the application\u2019s user experience.", "risk_and_exploitability": "The CVSS score of 6.5 marks this as moderate severity. The EPSS score of less than 1\u202f% indicates a very low exploitation probability, and the vulnerability is not listed in the CISA KEV catalog. Exploitation would likely require the attacker to inject malicious JavaScript that the client machine processes, so the attack vector is reasonably limited to local or remote contexts where the user can run arbitrary script. Because no remote code execution component is present, the risk to confidentiality or integrity is low, but the availability impact warrants timely remediation."}}}}, "created": "2025-09-17T10:04:53.165586+00:00", "updated": "2026-04-20T18:00:11.171383+00:00", "vendors": ["mozilla", "mozilla$PRODUCT$firefox", "mozilla$PRODUCT$firefox_esr", "mozilla$PRODUCT$thunderbird"]}