FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-03-03 16:31:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
20485d27-e540-11ef-a845-b42e991fc52e	mozilla -- multiple vulnerabilities security@mozilla.org reports: A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Discovery 2025-02-04 Entry 2025-02-07 firefox < 135.0.0,2 firefox-esr < 128.7,1 thunderbird < 128.7 > 129 lt 135 CVE-2025-1011 https://nvd.nist.gov/vuln/detail/CVE-2025-1011 CVE-2025-1013 https://nvd.nist.gov/vuln/detail/CVE-2025-1013 CVE-2025-1014 https://nvd.nist.gov/vuln/detail/CVE-2025-1014 CVE-2025-1017 https://nvd.nist.gov/vuln/detail/CVE-2025-1017

VuXML ID

Description

20485d27-e540-11ef-a845-b42e991fc52e

mozilla -- multiple vulnerabilities

security@mozilla.org reports:

A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution.

A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak.

Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed.

Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Discovery 2025-02-04
Entry 2025-02-07
firefox

< 135.0.0,2

firefox-esr

< 128.7,1

thunderbird

< 128.7

> 129 lt 135

CVE-2025-1011
https://nvd.nist.gov/vuln/detail/CVE-2025-1011
CVE-2025-1013
https://nvd.nist.gov/vuln/detail/CVE-2025-1013
CVE-2025-1014
https://nvd.nist.gov/vuln/detail/CVE-2025-1014
CVE-2025-1017
https://nvd.nist.gov/vuln/detail/CVE-2025-1017