FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-03-03 16:31:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a2d5bd7b-2e85-11f0-a989-b42e991fc52e	Mozilla -- XPath parsing undefined behavior security@mozilla.org reports: A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. Discovery 2025-04-29 Entry 2025-05-11 firefox < 138.0,2 firefox-esr < 128.10,1 thunderbird < 138 CVE-2025-4087 https://nvd.nist.gov/vuln/detail/CVE-2025-4087

VuXML ID

Description

a2d5bd7b-2e85-11f0-a989-b42e991fc52e

Mozilla -- XPath parsing undefined behavior

security@mozilla.org reports:

A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption.

Discovery 2025-04-29
Entry 2025-05-11
firefox

< 138.0,2

firefox-esr

< 128.10,1

thunderbird

< 138

CVE-2025-4087
https://nvd.nist.gov/vuln/detail/CVE-2025-4087