Primary

Context

Mozilla Firefox and Thunderbird WebAssembly Code Generation Vulnerability Leading to Potential Code Execution

Vulnerability

Patched

A vulnerability exists in the WebAssembly code generation process in Mozilla Firefox and Thunderbird. This issue could have caused a crash, and there is a possibility that an attacker could exploit it to execute arbitrary code. The vulnerability affects multiple versions of Firefox and Thunderbird, including Firefox versions prior to 135, Firefox ESR versions prior to 128.7, and Thunderbird versions prior to 128.7 and 135.

Impact

Exploitation of this vulnerability could have led to a crash, with the potential for code execution.

Remediation

Users can upgrade to Firefox 135, Firefox ESR 128.7, Thunderbird 135, or Thunderbird 128.7 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox and Thunderbird WebAssembly Code Generation Vulnerability Leading to Potential Code Execution

Vulnerability

Impact

Remediation

Affected Products

Mozilla Firefox

Mozilla Firefox ESR

Mozilla Thunderbird

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating