VDB
DEBIAN-CVE-2025-10533
DEBIAN-CVE-2025-10533
PUBLISHED
CVSS 8.800000190734863 HIGH
Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | thunderbird | 1:91.5.0-1~deb9u1, *, * |
| Debian:12 | firefox-esr | *, 102.12.0esr-1, 102.12.0esr-1~deb10u1 |
| Debian:12 | thunderbird | 128.5.0, 128.5.2, 128.6.0 |
| Debian:13 | thunderbird | 140.2.0, 0, 1:128.13.0esr-1 |
| Debian:11 | firefox-esr | 115.3.0esr-1~deb12u1, *, * |
| Debian:14 | firefox-esr | 128.13.0esr-1, 128.14.0esr-1, 128.14.0esr-1~deb11u1 |
| Debian:14 | thunderbird | *, 1:140.3.0esr-1~deb13u1, 1:140.3.0esr-1~deb12u1 |
| Debian:13 | firefox-esr | 140.3.0, 140.3.0, 128.14.0 |
Timeline
- Sep 16, 2025 CVE Published
- Apr 28, 2026 CVE Updated