MiracleLinux 8 : firefox-128.7.0-1.el8_10.ML.1 (AXSA:2025-9662:06)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9662:06 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox:...

MiracleLinux 9 : thunderbird-128.7.0-1.el9_5.ML.1 (AXSA:2025-9664:04)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9664:04 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox:...

Linux Distros Unpatched Vulnerability : CVE-2025-1009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135,...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2025:0391-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0391-1 advisory. MFSA 2025-09 CVE-2025-1009 bmo1936613 Use-after-free in XSLT CVE-2025-1010 bmo1936982 Use-after-free in Custom Highlight CVE-2025-1011 bmo19364...

RHEL 8 : thunderbird (RHSA-2025:1340)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:1340 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:0405-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0405-1 advisory. Update to Mozilla Thunderbird 128.7 MFSA 2025-10, bsc1236539. Security fixes: - CVE-2025-1009:...

Security update for MozillaFirefox

This update for MozillaFirefox to 128.7esr fixes the following issues: MFSA 2025-09 CVE-2025-1009 bmo1936613 Use-after-free in XSLT CVE-2025-1010 bmo1936982 Use-after-free in Custom Highlight CVE-2025-1011 bmo1936454 A bug in WebAssembly code generation could result in a crash CVE-2025-1012...

RHEL 9 : firefox (RHSA-2025:1138)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:1138 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

MozillaFirefox-135.0-1.1 on GA media (moderate)

MozillaFirefox-135.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14730-1 Rating: moderate Cross-References: CVE-2025-1009 CVE-2025-1010 CVE-2025-1011 CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1016 CVE-2025-1017 CVE-2025-1018 CVE-2025-1019 CVE-2025-1020 CVSS scores: CVE-2025-1009 SU...

Slackware: Security Advisory (SSA:2025-036-03)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2025-1009 vulnerabilities

Vulnerabilities for packages: firefox-esr, firefox...

CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2025-1009

creationtimestamp| type| source ---|---|--- 2025-02-04 14:06:26+00:00| seen| https://infosec.exchange/users/cve/statuses/113946000514333197 2025-02-04 14:16:13+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lheanexgo42w 2025-02-04 16:23:40+00:00| seen|...

CVE-2025-1009 Use-after-free in XSLT

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2025-1009

CVE-2025-1009 is a use-after-free in XSLT processing that affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird

CVE-2025-1009 Use-after-free in XSLT

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...