VDB

ANCHORE-2025-5262

ANCHORE-2025-5262 PUBLISHED

A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 139 and Thunderbird < 128.11.

Affected Products

VendorProductVersions
MozillaThunderbird129, 129, 0

Timeline

  • May 27, 2025 CVE Published
  • Aug 19, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›