CVE-2025-1009 | Mozilla Thunderbird up to 128.6/134.x XSLT use after free

Inserito da Angelo Barbosa | Feb 4, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Mozilla Thunderbird up to 128.6/134.x. This issue affects some unknown processing of the component XSLT Handler. The manipulation leads to use after free.

The identification of this vulnerability is CVE-2025-1009. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1009 | Mozilla Thunderbird up to 128.6/134.x XSLT use after free

Post correlati

CVE-2024-39883 | Delta Electronics CNCSoft-G2 2.0.0.5 heap-based overflow (icsa-24-191-01)

CVE-2024-40669 | Google Android use after free

CVE-2022-28658 | Canonical Apport up to 2.20.x Argument Parser unknown vulnerability (USN-5427-1)

CVE-2024-36471 | Apache Allura up to 1.16.0 DNS information disclosure