VDB

GCVE-110-MAGEIA-2025-151

GCVE-110-MAGEIA-2025-151
Advisory Published
Vulnetix · Advisory published May 8, 2025
Process isolation bypass using "javascript:" URI links in cross-origin frames. (CVE-2025-4083) Unsafe attribute access during XPath parsing. (CVE-2025-4087) Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. (CVE-2025-4091) Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10. (CVE-2025-4093)

Affected Products

VendorProductVersionsPlatforms
Mageiathunderbird0 (affected), 128.10.0-1.mga9 (unaffected)
Mageiathunderbird-l10n0 (affected), 128.10.0-1.mga9 (unaffected)

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›