CVE-2025-1414

Опубликовано: 18 фев. 2025

Источник: redhat

CVSS3: 8.8

EPSS Низкий

Описание

Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135.0.1.

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory: Memory safety bugs present in Firefox 135. Some of these bugs show evidence of memory corruption and we presume that with enough effort, some of these could be exploited to run arbitrary code.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	firefox	Out of support scope
Red Hat Enterprise Linux 7	firefox	Fix deferred
Red Hat Enterprise Linux 8	firefox	Fix deferred
Red Hat Enterprise Linux 9	firefox	Fix deferred
Red Hat Enterprise Linux 9	firefox-flatpak-container	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-120

https://bugzilla.redhat.com/show_bug.cgi?id=2346254firefox: Memory safety bugs fixed in Firefox 135.0.1

EPSS

Процентиль: 44%

0.00208

Низкий

8.8 High

CVSS3

Связанные уязвимости

CVE-2025-1414

CVSS3: 6.5

ubuntu

4 месяца назад

CVE-2025-1414

CVSS3: 6.5

nvd

4 месяца назад

CVE-2025-1414

CVSS3: 6.5

debian

4 месяца назад

Memory safety bugs present in Firefox 135. Some of these bugs showed e ...

GHSA-p5jc-239c-pvvf

CVSS3: 6.5

github

4 месяца назад

BDU:2025-06798

CVSS3: 6.5

fstec

4 месяца назад

Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 44%

0.00208

Низкий

8.8 High

CVSS3