{"id":"CVE-2025-1934","details":"It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability affects Firefox \u003c 136, Firefox ESR \u003c 128.8, Thunderbird \u003c 136, and Thunderbird \u003c 128.8.","modified":"2026-04-16T04:34:34.499634018Z","published":"2025-03-04T14:15:38.273Z","related":["ALSA-2025:2359","ALSA-2025:2452","SUSE-SU-2025:0783-1","SUSE-SU-2025:0788-1","SUSE-SU-2025:0849-1","openSUSE-SU-2025:14852-1","openSUSE-SU-2025:14853-1","openSUSE-SU-2025:14861-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00006.html"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1942881"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-1934.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"128.8.0"}]},{"events":[{"introduced":"0"},{"fixed":"136.0"}]},{"events":[{"introduced":"0"},{"fixed":"128.8.0"}]},{"events":[{"introduced":"129.0"},{"fixed":"136.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}