CVE-2025-1414
published 2025-02-18CVE-2025-1414: Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…
medium6.5CVSS 3.1
AVNACLPRNUINSUCNILAL
Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 135.0.1.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 135.0.1-1 (sid) | firefox 135.0.1-1 (sid) |
| mozilla | firefox | < 135.0.1 | 135.0.1 |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 0 < 136.0+build3-0ubuntu0.20.04.1 | 136.0+build3-0ubuntu0.20.04.1 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
osv6.5MEDIUM
OSV
CVE-2025-1414: Memory safety bugs present in Firefox 135
osv·2025-02-18·CVSS 6.5
CVE-2025-1414 [MEDIUM] CVE-2025-1414: Memory safety bugs present in Firefox 135
Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135.0.1.
GHSA
GHSA-p5jc-239c-pvvf: Memory safety bugs present in Firefox 135
ghsa_unreviewed·2025-02-18
CVE-2025-1414 [MEDIUM] CWE-787 GHSA-p5jc-239c-pvvf: Memory safety bugs present in Firefox 135
Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135.0.1.
Red Hat
firefox: Memory safety bugs fixed in Firefox 135.0.1
vendor_redhat·2025-02-18·CVSS 6.5
CVE-2025-1414 [MEDIUM] CWE-120 firefox: Memory safety bugs fixed in Firefox 135.0.1
firefox: Memory safety bugs fixed in Firefox 135.0.1
Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135.0.1.
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory: Memory safety bugs present in Firefox 135. Some of these bugs show evidence of memory corruption and we presume that with enough effort, some of these could be exploited to run arbitrary code.
Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.
Package: firefox (Red Hat Enterprise Linux 10) - Fix deferred
Package: firefox-flatpak-container (Red
Debian
CVE-2025-1414: firefox - Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of...
vendor_debian·2025·CVSS 6.5
CVE-2025-1414 [MEDIUM] CVE-2025-1414: firefox - Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of...
Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135.0.1.
Scope: local
sid: resolved (fixed in 135.0.1-1)
Mozilla
Mozilla Foundation Security Advisory 2025-12: CVE-2025-1414
vendor_mozilla·CVSS 6.5
CVE-2025-1414 [MEDIUM] Mozilla Foundation Security Advisory 2025-12: CVE-2025-1414
Mozilla Foundation Security Advisory 2025-12
CVE: CVE-2025-1414
Product: Firefox
Impact: high
Fixed in: Firefox 135.0.1
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-02-18
Published