Security Advisory

CVE-2025-3028

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-01 12:28:58

Last updated 2026-04-13 14:25:58

Assigner mozilla

State PUBLISHED

Description

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability was fixed in Firefox 137, Firefox ESR 115.22, Firefox ESR 128.9, Thunderbird 137, and Thunderbird 128.9.

← Browse all CVEs View on cve.org ↗