Security Advisory

CVE-2025-1931

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-04 13:31:23

Last updated 2026-04-13 14:27:33

Assigner mozilla

State PUBLISHED

Description

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8.

← Browse all CVEs View on cve.org ↗