Home

CVE-2025-14325

Description

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

Risk Information

Base Score
7.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.115

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in Mozilla Firefox (Microsoft Store) 140.6Windows
Multiple vulnerabilities are fixed in Mozilla Firefox (Microsoft Store) 146Windows
Multiple vulnerabilities are fixed in Mozilla Thunderbird ESR 140 (140.6.0)Windows
Multiple vulnerabilities are fixed in Mozilla Thunderbird ESR 140 (x64) (140.6.0)Windows
Multiple vulnerabilities are fixed in Mozilla Thunderbird (146.0)Windows
Multiple vulnerabilities are fixed in Mozilla Thunderbird (x64) (146.0)Windows
Multiple vulnerabilities are fixed in Mozilla Firefox (146.0)Windows
Multiple vulnerabilities are fixed in Mozilla Firefox (x64) (146.0)Windows
Multiple vulnerabilities are fixed in Mozilla Firefox (146.0.1)Windows
Multiple vulnerabilities are fixed in Mozilla Firefox (x64) (146.0.1)Windows
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (146.0)Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (146.0.1)Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-354116Mozilla Thunderbird ESR 140 (140.6.0)
PATCH-354117Mozilla Thunderbird ESR 140 (x64) (140.6.0)
PATCH-354114Mozilla Thunderbird (146.0)
PATCH-354115Mozilla Thunderbird (x64) (146.0)
PATCH-354443Mozilla Firefox (146.0.1)
PATCH-354444Mozilla Firefox (x64) (146.0.1)
PATCH-354443Mozilla Firefox (146.0.1)
PATCH-354444Mozilla Firefox (x64) (146.0.1)
PATCH-613630Mozilla Firefox For Mac (147.0.4)
PATCH-613630Mozilla Firefox For Mac (147.0.4)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234