Back to search
CVE-2025-1933
Published: Mar 4, 2025
Modified: Apr 13, 2026
PUBLISHED
Description
On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8.
| Vendor | Product | Versions |
|---|---|---|
Mozilla | Firefox | unaffected 115.21 - <= 115.*unaffected 128.8 - <= 128.*unaffected 136 - <= * |
Mozilla | Thunderbird | unaffected 128.8 - <= 128.*unaffected 136 - <= * |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now