QwikSec

Security Database

CVE

CWE

Training

CVE-2025-1012

Published: Feb 4, 2025

Modified: Apr 13, 2026

PUBLISHED

Description

A race during concurrent delazification could have led to a use-after-free. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.

Vendor	Product	Versions
Mozilla	Firefox	unaffected `115.20 - <= 115.` unaffected `128.7 - <= 128.` unaffected `135 - <= *`
Mozilla	Thunderbird	unaffected `128.7 - <= 128.` unaffected `135 - <= `

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1939710

https://www.mozilla.org/security/advisories/mfsa2025-07/

https://www.mozilla.org/security/advisories/mfsa2025-08/

https://www.mozilla.org/security/advisories/mfsa2025-09/

https://www.mozilla.org/security/advisories/mfsa2025-10/

https://www.mozilla.org/security/advisories/mfsa2025-11/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.