CVE-2025-9185

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-9185

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9185.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-9185

Downstream

DEBIAN-CVE-2025-9185

DLA-4277-1

DLA-4279-1

DSA-5980-1

DSA-5984-1

OESA-2025-2099

RHSA-2025:14416

RHSA-2025:14417

RHSA-2025:14442

RHSA-2025:14640

RHSA-2025:14743

RHSA-2025:14844

RHSA-2025:15418

RHSA-2025:15419

RHSA-2025:15420

RHSA-2025:15421

RHSA-2025:15422

RHSA-2025:15423

RHSA-2025:15424

RHSA-2025:15430

RHSA-2025:15434

RHSA-2025:15435

RHSA-2025:15436

RHSA-2025:15437

RHSA-2025:15438

RHSA-2025:15496

RHSA-2025:15535

RLSA-2025:14416

RLSA-2025:14417

RLSA-2025:14442

RLSA-2025:14743

RLSA-2025:14844

SUSE-SU-2025:03007-1

SUSE-SU-2025:03008-1

SUSE-SU-2025:03009-1

UBUNTU-CVE-2025-9185

Related

Published

2025-08-19T21:15:31Z

Modified

2025-08-27T05:01:32Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.

References

Affected packages