CVE-2025-3031 — Sensitive Information Exposure in Mozilla Firefox

CWE-200 — Sensitive Information Exposure CWE-203 — Observable Discrepancy9 documents8 sources

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 48.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Thunderbird

Timeline

PublishedApr 1

Latest updateFeb 2

Description

An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function. This vulnerability was fixed in Firefox 137 and Thunderbird 137.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages3 packages

▶NVDmozilla/firefox< 137.0

▶NVDmozilla/thunderbird< 137.0

▶Ubuntumozilla/thunderbird< 1:140.7.1+build1-0ubuntu0.22.04.1

🔴Vulnerability Details

OSV

CVE-2025-3031: An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function↗2025-04-01

▶

GHSA

GHSA-5v8r-67h5-p4jj: An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function↗2025-04-01

▶

CVEList

JIT optimization bug with different stack slot sizes↗2025-04-01

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2026-02-02

▶

Red Hat

firefox: thunderbird: JIT optimization bug with different stack slot sizes↗2025-04-01

▶

Debian

CVE-2025-3031: firefox - An attacker could read 32 bits of values spilled onto the stack in a JIT compile...↗2025

▶

Mozilla

Mozilla Foundation Security Advisory 2025-20: CVE-2025-3031↗

▶

Mozilla

Mozilla Foundation Security Advisory 2025-23: CVE-2025-3031↗

▶