CVE-2025-3028

Published: 2025-04-01T13:15Z

Last Modified: 2025-04-07T13:31Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt