Jump to:

CVE-2025-3608

Jump to:

CVE-2025-3608

Package firefox updated to version 137.0.2-alt1 for branch sisyphus in task 381698.

Published: 2025-04-15
Modified: 2025-05-21

CVE-2025-3608

A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability affects Firefox < 137.0.2.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

References:

https://bugzilla.mozilla.org/show_bug.cgi?id=1951554
https://www.cve.org/CVERecord?id=CVE-2025-3608
https://www.mozilla.org/security/advisories/mfsa2025-25/

Version: 2.1.2

Package firefox update in sisyphus on 2025-04-16

ALT-PU-2025-5589-2

Closed vulnerabilities

CVE-2025-3608