CVE-2025-1017

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-1017

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-1017.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-1017

Downstream

DEBIAN-CVE-2025-1017

DLA-4044-1

DLA-4045-1

DSA-5858-1

DSA-5861-1

OESA-2025-1101

OESA-2025-1102

OESA-2025-1835

RHSA-2025:1066

RHSA-2025:1132

RHSA-2025:1133

RHSA-2025:1135

RHSA-2025:1136

RHSA-2025:1137

RHSA-2025:1138

RHSA-2025:1139

RHSA-2025:1140

RHSA-2025:1184

RHSA-2025:1283

RHSA-2025:1292

RHSA-2025:1317

RHSA-2025:1318

RHSA-2025:1319

RHSA-2025:1339

RHSA-2025:1340

RHSA-2025:1341

RHSA-2025:1348

SUSE-SU-2025:0374-1

SUSE-SU-2025:0391-1

SUSE-SU-2025:0405-1

UBUNTU-CVE-2025-1017

USN-7263-1

USN-7663-1

openSUSE-SU-2025:14727-1

openSUSE-SU-2025:14730-1

openSUSE-SU-2025:14731-1

Related

Published

2025-02-04T14:15:32Z

Modified

2025-08-09T20:01:26Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

References

Affected packages