PT-2025-9657 · Mozilla+10 · Firefox+10

Ivan Fratric

·

Published

2025-03-04

·

Updated

2025-07-22

·

CVE-2025-1932

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions 122 through 135 Firefox ESR versions 122 through 128.7
Description The issue is related to an inconsistent comparator in xslt/txNodeSorter, potentially leading to out-of-bounds access.
Recommendations For Firefox versions 122 through 135, update to version 136 or later. For Firefox ESR versions 122 through 128.7, update to version 128.8 or later.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2025:2359
ALSA-2025:2452
ALT-PU-2025-3905
ALT-PU-2025-4001
ALT-PU-2025-4567
ALT-PU-2025-5829
ALT-PU-2025-7695
ALT-PU-2025-7697
BDU:2025-02601
CESA-2025_2452
CVE-2025-1932
DLA-4078-1
DLA-4081-1
DSA-5874-1
DSA-5876-1
INFSA-2025_2359
INFSA-2025_2452
MGASA-2025-0092
MGASA-2025-0093
OESA-2025-1265
OESA-2025-1266
OESA-2025-1267
OESA-2025-1268
OESA-2025-1835
OPENSUSE-SU-2025:14852-1
OPENSUSE-SU-2025:14853-1
OPENSUSE-SU-2025:14861-1
OPENSUSE-SU-2025_0788-1
OPENSUSE-SU-2025_0849-1
RHSA-2025:2359
RHSA-2025:2452
RHSA-2025:2479
RHSA-2025:2480
RHSA-2025:2481
RHSA-2025:2484
RHSA-2025:2485
RHSA-2025:2486
RHSA-2025:2699
RHSA-2025:2708
RHSA-2025_2359
RHSA-2025_2452
SUSE-SU-2025:0783-1
SUSE-SU-2025:0788-1
SUSE-SU-2025:0849-1
SUSE-SU-2025_0783-1
USN-7334-1
USN-7663-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Firefox
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu