{"id":"CVE-2025-1011","details":"A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability affects Firefox \u003c 135, Firefox ESR \u003c 128.7, Thunderbird \u003c 128.7, and Thunderbird \u003c 135.","modified":"2026-03-15T22:51:59.979859Z","published":"2025-02-04T14:15:31.887Z","related":["ALSA-2025:1066","ALSA-2025:1184","ALSA-2025:1283","ALSA-2025:1292","CGA-4hgh-jgff-6cmr","MGASA-2025-0045","MGASA-2025-0048","SUSE-SU-2025:0374-1","SUSE-SU-2025:0391-1","SUSE-SU-2025:0405-1","openSUSE-SU-2025:14727-1","openSUSE-SU-2025:14730-1","openSUSE-SU-2025:14731-1","openSUSE-SU-2025:14764-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00006.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00005.html"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936454"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-1011.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"128.7.0"}]},{"events":[{"introduced":"0"},{"fixed":"135.0"}]},{"events":[{"introduced":"0"},{"fixed":"135.0"}]},{"events":[{"introduced":"128.0.1"},{"fixed":"128.7.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}