OESA-2025-1086

The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.(CVE-2025-0237)

When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.(CVE-2025-0241)

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.(CVE-2025-0242)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:24.03-LTS-SP1 / firefox

Package

Name: firefox
Purl: pkg:rpm/openEuler/firefox&distro=openEuler-24.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

128.6.0-1.oe2403sp1

Ecosystem specific

{
    "src": [
        "firefox-128.6.0-1.oe2403sp1.src.rpm"
    ],
    "x86_64": [
        "firefox-128.6.0-1.oe2403sp1.x86_64.rpm",
        "firefox-debuginfo-128.6.0-1.oe2403sp1.x86_64.rpm",
        "firefox-debugsource-128.6.0-1.oe2403sp1.x86_64.rpm"
    ],
    "aarch64": [
        "firefox-128.6.0-1.oe2403sp1.aarch64.rpm",
        "firefox-debuginfo-128.6.0-1.oe2403sp1.aarch64.rpm",
        "firefox-debugsource-128.6.0-1.oe2403sp1.aarch64.rpm"
    ]
}