Threats Tagged 'cve-2025-4087'

Multiple security vulnerabilities affecting Mozilla Firefox and Thunderbird have been addressed in a Red Hat security update. These include privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. The update is rated as important by Red Hat Product Security and applies to Red Hat Enterprise Linux 9 and its variants. Users are advised to apply the provided security update to mitigate these issues.

Multiple security vulnerabilities affecting Mozilla Thunderbird have been addressed in a Red Hat security update. These include privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. The update is rated as Important by Red Hat and applies to Thunderbird versions aligned with Firefox 138 and Thunderbird 138, including ESR 128.10 and Thunderbird 128.10. The advisory provides updated packages for Red Hat Enterprise Linux 9 and its variants.

Multiple security vulnerabilities affecting Mozilla Firefox and Thunderbird have been addressed in a Red Hat security update for Red Hat Enterprise Linux 7 Extended Lifecycle Support. The issues include privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. These vulnerabilities are fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. The update is rated as Important by Red Hat Product Security.

Red Hat has issued a security advisory for Firefox addressing multiple vulnerabilities including privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. These issues affect Firefox and Thunderbird versions including Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. The update is rated as having an Important security impact and fixes are available for Red Hat Enterprise Linux 9.2 Extended Update Support and related variants.

Multiple security vulnerabilities affecting Mozilla Firefox and Thunderbird have been addressed in a Red Hat security update for Red Hat Enterprise Linux 9.4. The issues include privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. These vulnerabilities have been fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 packages provided by Red Hat. The update is rated as Important by Red Hat Product Security.

Multiple security vulnerabilities affecting Mozilla Thunderbird have been addressed in a Red Hat Enterprise Linux 8 update. These include privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. The update fixes these issues in Thunderbird 128.10 and related Firefox versions. Red Hat rates the security impact as Important and provides updated packages for various architectures. No known exploits in the wild have been reported at this time.

Red Hat has issued an important security update for Firefox addressing multiple vulnerabilities including privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. These issues affect Firefox and Thunderbird versions aligned with Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. The update is available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions on multiple architectures.

Multiple security vulnerabilities have been identified and fixed in Mozilla Firefox and Thunderbird, including privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. These issues affect Red Hat Enterprise Linux 9 and related extended update support versions. Red Hat has issued security updates to address these vulnerabilities.

Red Hat has issued a security advisory for Firefox addressing multiple vulnerabilities including privilege escalation in the Firefox Updater, unsafe attribute access during XPath parsing, process isolation bypass via "javascript:" URI links in cross-origin frames, and several memory safety bugs. These issues affect Firefox and Thunderbird versions distributed with Red Hat Enterprise Linux 10 and its extended update support variants. The update fixes these vulnerabilities in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. The advisory rates the security impact as Important (high severity).

Multiple security vulnerabilities have been identified and addressed in Mozilla Thunderbird as packaged for Red Hat Enterprise Linux 10. These include issues such as UI misrepresentation of attachment URLs, information disclosure of the /tmp directory listing, leakage of hashed Windows credentials via crafted attachment URLs, privilege escalation in the Firefox Updater component, unsafe attribute access during XPath parsing, process isolation bypass using javascript: URI links in cross-origin frames, and several memory safety bugs. Red Hat has issued an important security advisory with updates to fix these vulnerabilities in Thunderbird version 128.10.0 for various architectures.