CVE-2025-3032

Опубликовано: 01 апр. 2025

Источник: debian

EPSS Низкий

Описание

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability affects Firefox < 137 and Thunderbird < 137.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
firefox	fixed	137.0-1		package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2025-20/#CVE-2025-3032

EPSS

Процентиль: 13%

0.00043

Низкий

Связанные уязвимости

CVE-2025-3032

CVSS3: 7.4

ubuntu

3 месяца назад

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability affects Firefox < 137 and Thunderbird < 137.

CVE-2025-3032

CVSS3: 6.3

redhat

3 месяца назад

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability affects Firefox < 137 and Thunderbird < 137.

CVE-2025-3032

CVSS3: 7.4

nvd

3 месяца назад

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability affects Firefox < 137 and Thunderbird < 137.

GHSA-h3xj-xc3c-cvpm

CVSS3: 7.4

github

3 месяца назад

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability affects Firefox < 137 and Thunderbird < 137.

EPSS

Процентиль: 13%

0.00043

Низкий