Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-1010

Опубликовано: 04 фев. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 8.8

Описание

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

РелизСтатусПримечание
devel

not-affected

code not present
esm-infra/focal

DNE

focal

released

135.0+build2-0ubuntu0.20.04.1
jammy

not-affected

code not present
noble

not-affected

code not present
oracular

not-affected

code not present
plucky

not-affected

code not present
questing

not-affected

code not present
upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/noble

ignored

esm-infra/focal

DNE

focal

DNE

jammy

ignored

noble

ignored

oracular

DNE

plucky

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

noble

ignored

oracular

ignored

plucky

ignored

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

needs-triage

esm-infra/bionic

ignored

focal

ignored

jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

focal

ignored

jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/jammy

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

ignored

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

not-affected

code not present
esm-infra/focal

DNE

focal

ignored

end of standard support, was needed
jammy

released

1:128.12.0+build1-0ubuntu0.22.04.1
noble

not-affected

code not present
oracular

not-affected

code not present
plucky

not-affected

code not present
questing

not-affected

code not present
upstream

released

128.7,135

Показывать по

Ссылки на источники

EPSS

Процентиль: 65%
0.00502
Низкий

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-1010

CVSS3: 8.8
redhat
9 месяцев назад

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

nvd логотип

CVE-2025-1010

CVSS3: 8.8
nvd
9 месяцев назад

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

debian логотип

CVE-2025-1010

CVSS3: 8.8
debian
9 месяцев назад

An attacker could have caused a use-after-free via the Custom Highligh ...

github логотип

GHSA-f666-246m-p7mg

CVSS3: 9.8
github
9 месяцев назад

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

fstec логотип

BDU:2025-02314

CVSS3: 9.8
fstec
9 месяцев назад

Уязвимость компонента Custom Highlight API браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, Thunderbird ESR, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 65%
0.00502
Низкий

8.8 High

CVSS3

Уязвимость CVE-2025-1010