PT-2025-9656 · Mozilla+11 · Firefox+11

Sherkito

·

Published

2025-03-04

·

Updated

2025-07-22

·

CVE-2025-1931

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 136 Firefox ESR versions prior to 115.21 Firefox ESR versions prior to 128.8
Description A use-after-free issue in the content process side of a WebTransport connection could lead to a potentially exploitable crash.
Recommendations For Firefox versions prior to 136, update to version 136 or later. For Firefox ESR versions prior to 115.21, update to version 115.21 or later. For Firefox ESR versions prior to 128.8, update to version 128.8 or later.

Fix

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:2359
ALSA-2025:2452
ALT-PU-2025-3905
ALT-PU-2025-4001
ALT-PU-2025-4567
ALT-PU-2025-5829
ALT-PU-2025-7695
ALT-PU-2025-7697
BDU:2025-02603
CESA-2025_2452
CVE-2025-1931
DLA-4078-1
DLA-4081-1
DSA-5874-1
DSA-5876-1
INFSA-2025_2359
INFSA-2025_2452
MGASA-2025-0092
MGASA-2025-0093
OESA-2025-1265
OESA-2025-1266
OESA-2025-1267
OESA-2025-1268
OESA-2025-1835
OPENSUSE-SU-2025:14852-1
OPENSUSE-SU-2025:14853-1
OPENSUSE-SU-2025:14861-1
OPENSUSE-SU-2025:14958-1
OPENSUSE-SU-2025_0788-1
OPENSUSE-SU-2025_0849-1
RHSA-2025:2359
RHSA-2025:2452
RHSA-2025:2479
RHSA-2025:2480
RHSA-2025:2481
RHSA-2025:2484
RHSA-2025:2485
RHSA-2025:2486
RHSA-2025:2699
RHSA-2025:2708
RHSA-2025_2359
RHSA-2025_2452
SUSE-SU-2025:0783-1
SUSE-SU-2025:0788-1
SUSE-SU-2025:0849-1
SUSE-SU-2025_0783-1
USN-7334-1
USN-7663-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Firefox
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu