CVE-2025-10537

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-10537

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-10537.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-10537

Downstream

DEBIAN-CVE-2025-10537

DLA-4311-1

DSA-6011-1

DLA-4305-1

DSA-6003-1

OESA-2025-2340

OESA-2025-2341

OESA-2025-2359

OESA-2025-2360

OESA-2025-2361

OESA-2025-2557

RHSA-2025:16108

RHSA-2025:16109

RHSA-2025:16156

RHSA-2025:16157

RHSA-2025:16260

RHSA-2025:16589

RHSA-2025:17340

RHSA-2025:17341

RHSA-2025:17342

RHSA-2025:17343

RHSA-2025:17344

RHSA-2025:17345

RHSA-2025:17346

RHSA-2025:17367

RHSA-2025:17368

RHSA-2025:17371

RHSA-2025:17372

RHSA-2025:17373

RHSA-2025:17374

RHSA-2025:17378

RHSA-2025:17453

RLSA-2025:16108

RLSA-2025:16109

RLSA-2025:16156

RLSA-2025:16157

RLSA-2025:16260

RLSA-2025:16589

UBUNTU-CVE-2025-10537

Related

Published

2025-09-16T13:15:49Z

Modified

2025-09-20T02:58:08Z

Summary

[none]

Details

Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

References

Affected packages