{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-4090", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-04-29T13:13:45.917Z", "datePublished": "2025-04-29T13:13:46.677Z", "dateUpdated": "2026-04-13T14:28:50.482Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "138", "lessThanOrEqual": "*", "versionType": "rpm"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "138", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox 138 and Thunderbird 138.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox 138 and Thunderbird 138."}]}], "title": "Leaked library paths in Thunderbird for Android", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929478"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/"}], "credits": [{"lang": "en", "value": "Seongyun Jeong"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:28:50.482Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-532", "lang": "en", "description": "CWE-532 Insertion of Sensitive Information into Log File"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-09-23T14:45:46.173144Z", "id": "CVE-2025-4090", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-23T14:45:50.679Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-4090", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-23T14:45:46.173144Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-29T15:37:48.959Z"}}], "cna": {"title": "Leaked library paths in Thunderbird for Android", "credits": [{"lang": "en", "value": "Seongyun Jeong"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "unaffected", "version": "138", "versionType": "rpm", "lessThanOrEqual": "*"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "unaffected", "version": "138", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929478"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/"}], "descriptions": [{"lang": "en", "value": "A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox 138 and Thunderbird 138.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox 138 and Thunderbird 138.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:28:50.482Z"}}}, "cveMetadata": {"cveId": "CVE-2025-4090", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:28:50.482Z", "dateReserved": "2025-04-29T13:13:45.917Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-04-29T13:13:46.677Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "matchCriteriaId": "EB8A8C7B-B65D-4DF5-BDB5-0C3C4E2DB72C", "versionEndExcluding": "138.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*", "matchCriteriaId": "D1E8CCF1-4E91-44CC-A652-B23D1337A485", "versionEndExcluding": "138.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox 138 and Thunderbird 138."}, {"lang": "es", "value": "Exist\u00eda una vulnerabilidad en Firefox para Android que permit\u00eda registrar ubicaciones de librer\u00edas potencialmente sensibles mediante Logcat. Esta vulnerabilidad afecta a Firefox (versi\u00f3n anterior a la 138) y Thunderbird (versi\u00f3n anterior a la 138)."}], "id": "CVE-2025-4090", "lastModified": "2026-04-13T15:17:00.723", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-04-29T14:15:35.627", "references": [{"source": "security@mozilla.org", "tags": ["Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929478"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-28/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-31/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "firefox: thunderbird: Leaked library paths in Firefox for Android", "id": "2362913", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362913"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-532", "details": ["A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.", "A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability existed in Firefox for Android where potentially sensitive library locations were logged via Logcat."], "name": "CVE-2025-4090", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "firefox-flatpak-container", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "thunderbird-flatpak-container", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox-flatpak-container", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird-flatpak-container", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-04-29T13:13:46Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-4090\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-4090\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1929478\nhttps://www.mozilla.org/security/advisories/mfsa2025-28/\nhttps://www.mozilla.org/security/advisories/mfsa2025-31/"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Low"}

{"analysis": {"en": {"generated_at": "2026-04-20T17:12:23.688506+00:00", "value": {"mitigation_remediation": ["Upgrade Thunderbird for Android to version 138 or later, the release that contains the fix.", "If an update is not immediately possible, disable Logcat logging for the application or restrict the READ_LOGS permission on the device so that only trusted apps can access logs.", "Implement mobile device management controls to prevent malicious applications from gaining log\u2011reading privileges or enforce device root restrictions."], "summary": {"action": "Patch", "impact": "Information disclosure"}, "threat_synthesis": {"affected_systems": "Affected products are Mozilla Thunderbird for Android, with the issue also reported for Firefox. The fix was released in Firefox 138 and Thunderbird 138, meaning any version prior to those may be vulnerable and users of older builds on Android devices are at risk.", "description_and_impact": "The vulnerability enables the Thunderbird for Android application to log library file locations, which may contain sensitive information, to Logcat. This results in the accidental disclosure of system paths that could aid an attacker in discovering the app's internal structure or sensitive configuration data. The weakness is identified as CWE-532, indicating that confidential information found in logs is exposed through the application.", "risk_and_exploitability": "The CVSS score is 5.3, placing the vulnerability in the medium severity range. The EPSS score indicates the probability of exploitation is less than 1%, and the vulnerability is not listed in the CISA KEV catalog. Given that Logcat visibility is typically local to the device and can be accessed by any app with the READ_LOGS permission, the likely attack vector is local and requires an attacker who can read the device logs, such as a malicious app or user with device access."}}}}, "created": "2026-04-20T17:15:12.552010+00:00", "updated": "2026-04-20T17:15:12.552027+00:00", "vendors": []}