CVE-2025-0238

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-0238

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-0238.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-0238

Downstream

DEBIAN-CVE-2025-0238

DLA-4011-1

DLA-4012-1

DSA-5839-1

DSA-5841-1

OESA-2025-1049

OESA-2025-1050

OESA-2025-1835

RHSA-2025:0080

RHSA-2025:0132

RHSA-2025:0133

RHSA-2025:0134

RHSA-2025:0135

RHSA-2025:0136

RHSA-2025:0137

RHSA-2025:0138

RHSA-2025:0144

RHSA-2025:0147

RHSA-2025:0162

RHSA-2025:0165

RHSA-2025:0166

RHSA-2025:0167

RHSA-2025:0275

RHSA-2025:0281

RHSA-2025:0284

RHSA-2025:0286

RHSA-2025:0287

SUSE-SU-2025:0056-1

SUSE-SU-2025:0059-1

SUSE-SU-2025:0080-1

UBUNTU-CVE-2025-0238

USN-7191-1

USN-7663-1

openSUSE-SU-2025:14619-1

openSUSE-SU-2025:14630-1

openSUSE-SU-2025:14648-1

Related

Published

2025-01-07T16:15:38Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.

References

Affected packages