Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-4090

Опубликовано: 29 апр. 2025
Источник: redhat
CVSS3: 3.3
EPSS Низкий

Описание

A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability existed in Firefox for Android where potentially sensitive library locations were logged via Logcat.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxOut of support scope
Red Hat Enterprise Linux 6thunderbirdOut of support scope
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 7thunderbirdOut of support scope
Red Hat Enterprise Linux 8firefoxNot affected
Red Hat Enterprise Linux 8thunderbirdNot affected
Red Hat Enterprise Linux 9firefoxNot affected
Red Hat Enterprise Linux 9firefox-flatpak-containerNot affected
Red Hat Enterprise Linux 9thunderbirdNot affected
Red Hat Enterprise Linux 9thunderbird-flatpak-containerNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-532
https://bugzilla.redhat.com/show_bug.cgi?id=2362913firefox: thunderbird: Leaked library paths in Firefox for Android

EPSS

Процентиль: 12%
0.00041
Низкий

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-4090

CVSS3: 6.5
ubuntu
около 2 месяцев назад

A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.

nvd логотип

CVE-2025-4090

CVSS3: 6.5
nvd
около 2 месяцев назад

A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.

debian логотип

CVE-2025-4090

CVSS3: 6.5
debian
около 2 месяцев назад

A vulnerability existed in Thunderbird for Android where potentially s ...

github логотип

GHSA-63pj-8c5p-x939

CVSS3: 6.5
github
около 2 месяцев назад

A vulnerability existed in Firefox for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.

fstec логотип

BDU:2025-05383

CVSS3: 6.5
fstec
около 2 месяцев назад

Уязвимость браузера Mozilla Firefox и почтового клиента Thunderbird операционных систем Android, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 12%
0.00041
Низкий

3.3 Low

CVSS3