Mozilla Foundation Security Advisory 2025-41

Security Vulnerabilities fixed in Thunderbird 138.0.2

Announced

May 20, 2025

Impact

critical

Products

Thunderbird

Fixed in

Thunderbird 138.0.2

In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts.

#CVE-2025-4918: Out-of-bounds access when resolving Promise objects

Reporter: Edouard Bochin and Tao Yan from Palo Alto Networks working with Trend Micro's Zero Day Initiative
Impact: critical

Description

An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object.

References

Bug 1966612

#CVE-2025-4919: Out-of-bounds access when optimizing linear sums

Reporter: Manfred Paul working with Trend Micro's Zero Day Initiative
Impact: critical

Description

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes.

References

Bug 1966614

Firefox for Desktop

Firefox for iOS

Firefox for Android

Firefox Focus

Firefox blog

Mozilla VPN

Mozilla Monitor

Firefox Relay

Pocket

MDN Plus

Fakespot

Thunderbird

About Mozilla

The Mozilla Manifesto

Get Involved

Blog

Mozilla Foundation

Mozilla.ai

Mozilla Ventures

Mozilla Advertising

Mozilla Builders

Mozilla New Products

Mozilla Foundation Security Advisory 2025-41

Security Vulnerabilities fixed in Thunderbird 138.0.2

#CVE-2025-4918: Out-of-bounds access when resolving Promise objects

Description

References

#CVE-2025-4919: Out-of-bounds access when optimizing linear sums

Description

References