8 matches found
MozillaFirefox-136.0.4-1.1 on GA media (moderate)
MozillaFirefox-136.0.4-1.1 on GA media Announcement ID: openSUSE-SU-2025:14948-1 Rating: moderate Cross-References: CVE-2025-2857 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
Mozilla Patches Critical Firefox Bug Similar to Chrome's Recent Zero-Day Vulnerability
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day. The security vulnerability, CVE-2025-2857, has been described as a case of an...
CVE-2025-2857
creationtimestamp| type| source ---|---|--- 2025-03-28 04:44:00+00:00| seen| https://thehackernews.com/2025/03/mozilla-patches-critical-firefox-bug.html 2025-03-28 05:48:21+00:00| seen| https://bsky.app/profile/Firefox.activitypub.awakari.com.ap.brid.gy/post/3llg4i66r4h52 2025-03-28 06:42:39+00:0...
Mozilla Firefox ESR < 115.21.1
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.21.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar...
Mozilla Firefox ESR < 115.21.1
The version of Firefox ESR installed on the remote Windows host is prior to 115.21.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our...
Mozilla Firefox < 136.0.4
The version of Firefox installed on the remote Windows host is prior to 136.0.4. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC...
CVE-2025-2857 Incorrect handle could lead to sandbox escapes
Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...
CVE-2025-2857
Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...