Security Advisory

CVE-2025-5262

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-27 12:29:21

Last updated 2025-08-25 18:18:53

Assigner mozilla

State PUBLISHED

Description

A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 139 and Thunderbird < 128.11.

← Browse all CVEs View on cve.org ↗