Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-6424

Опубликовано: 24 июн. 2025
Источник: debian

Описание

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed140.0-1package
firefox-esrfixed128.12.0esr-1package
thunderbirdfixed1:128.12.0esr-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/#CVE-2025-6424

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6424

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-54/#CVE-2025-6424

Связанные уязвимости

ubuntu логотип

CVE-2025-6424

CVSS3: 9.8
ubuntu
3 месяца назад

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

redhat логотип

CVE-2025-6424

CVSS3: 7.5
redhat
3 месяца назад

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

nvd логотип

CVE-2025-6424

CVSS3: 9.8
nvd
3 месяца назад

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

github логотип

GHSA-87c4-94w2-rw7j

CVSS3: 9.8
github
2 месяца назад

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, and Firefox ESR < 128.12.

fstec логотип

BDU:2025-07723

CVSS3: 5.3
fstec
3 месяца назад

Уязвимость интерфейса FontFaceSet браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании