CVE-2025-4918
published 2025-05-17


Critical 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2.

Affected

13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 138.0.4-1 (sid) | firefox 138.0.4-1 (sid) |
| debian | firefox-esr | < firefox 138.0.4-1 (sid) | firefox 138.0.4-1 (sid) |
| debian | thunderbird | < firefox 138.0.4-1 (sid) | firefox 138.0.4-1 (sid) |
| mozilla | firefox | < 115.23.1 | 115.23.1 |
| mozilla | firefox | < 138.0.4 | 138.0.4 |
| mozilla | firefox | | |
| mozilla | firefox | >= 116.0 < 128.10.1 | 128.10.1 |
| mozilla | thunderbird | < 128.10.2 | 128.10.2 |
| mozilla | thunderbird | >= 0 < 1:128.11.0esr-1~deb11u1 | 1:128.11.0esr-1~deb11u1 |
| mozilla | thunderbird | >= 0 < 1:128.11.0esr-1~deb12u1 | 1:128.11.0esr-1~deb12u1 |
| mozilla | thunderbird | >= 0 < 1:128.11.0esr-1 | 1:128.11.0esr-1 |
| mozilla | thunderbird | >= 0 < 1:128.11.0esr-1 | 1:128.11.0esr-1 |
| mozilla | thunderbird | >= 138.0 < 138.0.2 | 138.0.2 |

CVSS provenance

nvd: v3.1, 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv: 9.8 CRITICAL