Security Advisory

CVE-2025-1009

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-04 13:58:51

Last updated 2026-04-13 14:25:07

Assigner mozilla

State PUBLISHED

Description

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.

← Browse all CVEs View on cve.org ↗