Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-3028

Опубликовано: 01 апр. 2025
Источник: debian
EPSS Низкий

Описание

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed137.0-1package
firefox-esrfixed128.9.0esr-1package
thunderbirdfixed1:128.9.0esr-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-20/#CVE-2025-3028

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-22/#CVE-2025-3028

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-24/#CVE-2025-3028

  • https://project-zero.issues.chromium.org/issues/389079450

EPSS

Процентиль: 35%
0.00141
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-3028

CVSS3: 6.5
ubuntu
3 месяца назад

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.

redhat логотип

CVE-2025-3028

CVSS3: 7.6
redhat
3 месяца назад

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.

nvd логотип

CVE-2025-3028

CVSS3: 6.5
nvd
3 месяца назад

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.

redos логотип

ROS-20250417-10

CVSS3: 6.5
redos
2 месяца назад

Уязвимость thunderbird

redos логотип

ROS-20250417-09

CVSS3: 6.5
redos
2 месяца назад

Уязвимость firefox

EPSS

Процентиль: 35%
0.00141
Низкий