Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-xhhw-j3h4-3x9r

Опубликовано: 29 апр. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 5.9

Описание

Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10.

Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10.

EPSS

Процентиль: 17%
0.00055
Низкий

5.9 Medium

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVSS3: 5.9
ubuntu
3 месяца назад

Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. *This bug only affects Thunderbird for macOS. Other versions of Thunderbird are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.

CVSS3: 7.6
redhat
3 месяца назад

Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. *This bug only affects Thunderbird for macOS. Other versions of Thunderbird are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.

CVSS3: 5.9
nvd
3 месяца назад

Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. *This bug only affects Thunderbird for macOS. Other versions of Thunderbird are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.

CVSS3: 5.9
debian
3 месяца назад

Modification of specific WebGL shader attributes could trigger an out- ...

suse-cvrf
3 месяца назад

Security update for MozillaThunderbird

EPSS

Процентиль: 17%
0.00055
Низкий

5.9 Medium

CVSS3

Дефекты

CWE-125