CVE-2025-1934

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-1934

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-1934.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-1934

Downstream

DEBIAN-CVE-2025-1934

DLA-4078-1

DLA-4081-1

DSA-5874-1

DSA-5876-1

OESA-2025-1265

OESA-2025-1266

OESA-2025-1267

OESA-2025-1268

OESA-2025-1835

RHSA-2025:2359

RHSA-2025:2452

RHSA-2025:2479

RHSA-2025:2480

RHSA-2025:2481

RHSA-2025:2484

RHSA-2025:2485

RHSA-2025:2486

RHSA-2025:2699

RHSA-2025:2708

RLSA-2025:2452

SUSE-SU-2025:0783-1

SUSE-SU-2025:0788-1

SUSE-SU-2025:0849-1

UBUNTU-CVE-2025-1934

USN-7334-1

USN-7663-1

openSUSE-SU-2025:14852-1

openSUSE-SU-2025:14853-1

openSUSE-SU-2025:14861-1

Related

Published

2025-03-04T14:15:38Z

Modified

2025-08-09T20:01:25Z

Summary

[none]

Details

It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

References

Affected packages