FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- use-after-free in WebTransport connection

Affected packages
firefox < 136.0,2
librewolf < 136.0,2
firefox-esr < 115.21,1
thunderbird < 136.0

Details

VuXML ID acf902f6-109d-11f0-8195-b42e991fc52e
Discovery 2025-03-04
Entry 2025-04-03

security@mozilla.org reports:

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash.

[source]

References

CVE Name CVE-2025-1931
URL https://nvd.nist.gov/vuln/detail/CVE-2025-1931

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.