CVE-2025-0237 - Vulnerability Details

The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Mozilla	Firefox Thunderbird
Redhat	Enterprise Linux Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Tus

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox:::::esr:::*
	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7 Extended Lifecycle Support
firefox-0:128.6.0-1.el7_9	cpe:/o:redhat:rhel_els:7	RHSA-2025:0132	2025-01-09T00:00:00Z
Red Hat Enterprise Linux 8
firefox-0:128.6.0-1.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:0144	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:0281	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
firefox-0:128.6.0-1.el8_2	cpe:/a:redhat:rhel_aus:8.2	RHSA-2025:0133	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_2	cpe:/a:redhat:rhel_aus:8.2	RHSA-2025:0286	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
firefox-0:128.6.0-1.el8_4	cpe:/a:redhat:rhel_aus:8.4	RHSA-2025:0134	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_4	cpe:/a:redhat:rhel_aus:8.4	RHSA-2025:0287	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
firefox-0:128.6.0-1.el8_4	cpe:/a:redhat:rhel_tus:8.4	RHSA-2025:0134	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_4	cpe:/a:redhat:rhel_tus:8.4	RHSA-2025:0287	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
firefox-0:128.6.0-1.el8_4	cpe:/a:redhat:rhel_e4s:8.4	RHSA-2025:0134	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_4	cpe:/a:redhat:rhel_e4s:8.4	RHSA-2025:0287	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
firefox-0:128.6.0-1.el8_6	cpe:/a:redhat:rhel_aus:8.6	RHSA-2025:0136	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_6	cpe:/a:redhat:rhel_aus:8.6	RHSA-2025:0275	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
firefox-0:128.6.0-1.el8_6	cpe:/a:redhat:rhel_tus:8.6	RHSA-2025:0136	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_6	cpe:/a:redhat:rhel_tus:8.6	RHSA-2025:0275	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
firefox-0:128.6.0-1.el8_6	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2025:0136	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_6	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2025:0275	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
firefox-0:128.6.0-1.el8_8	cpe:/a:redhat:rhel_eus:8.8	RHSA-2025:0137	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el8_8	cpe:/a:redhat:rhel_eus:8.8	RHSA-2025:0284	2025-01-13T00:00:00Z
Red Hat Enterprise Linux 9
firefox-0:128.6.0-1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:0080	2025-01-08T00:00:00Z
thunderbird-0:128.6.0-3.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:0147	2025-01-09T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
firefox-0:128.6.0-1.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2025:0162	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2025:0165	2025-01-09T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
firefox-0:128.6.0-1.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2025:0138	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2025:0167	2025-01-09T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
firefox-0:128.6.0-1.el9_4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:0135	2025-01-09T00:00:00Z
thunderbird-0:128.6.0-3.el9_4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:0166	2025-01-09T00:00:00Z

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=1915257
https://nvd.nist.gov/vuln/detail/CVE-2025-0237
https://www.cve.org/CVERecord?id=CVE-2025-0237
https://www.mozilla.org/security/advisories/mfsa2025-01/
https://www.mozilla.org/security/advisories/mfsa2025-02/
https://www.mozilla.org/security/advisories/mfsa2025-04/
https://www.mozilla.org/security/advisories/mfsa2025-05/

History

Thu, 03 Apr 2025 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mozilla Mozilla firefox Mozilla thunderbird
CPEs		cpe:2.3:a:mozilla:firefox:::::::: cpe:2.3:a:mozilla:firefox:::::esr:::* cpe:2.3:a:mozilla:thunderbird::::::::
Vendors & Products		Mozilla Mozilla firefox Mozilla thunderbird

Thu, 13 Feb 2025 01:00:00 +0000

Type	Values Removed	Values Added
Title	firefox: WebChannel APIs susceptible to confused deputy attack	firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack
CPEs		cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:9.4 cpe:/a:redhat:rhel_tus:8.6

Mon, 13 Jan 2025 22:15:00 +0000

Type	Values Removed	Values Added
Description	The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird ESR < 128.6.	The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

Thu, 09 Jan 2025 14:00:00 +0000

Type	Values Removed	Values Added
Title		firefox: WebChannel APIs susceptible to confused deputy attack
First Time appeared		Redhat Redhat enterprise Linux Redhat rhel Aus Redhat rhel E4s Redhat rhel Els Redhat rhel Eus Redhat rhel Tus
Weaknesses		CWE-441
CPEs		cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_tus:8.4 cpe:/o:redhat:rhel_els:7
Vendors & Products		Redhat Redhat enterprise Linux Redhat rhel Aus Redhat rhel E4s Redhat rhel Els Redhat rhel Eus Redhat rhel Tus
References		https://nvd.nist.gov/vuln/detail/CVE-2025-0237 https://www.cve.org/CVERecord?id=CVE-2025-0237
Metrics	threat_severity `None`	threat_severity `Moderate`

Thu, 09 Jan 2025 08:45:00 +0000

Type	Values Removed	Values Added
Description	The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134 and Firefox ESR < 128.6.	The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird ESR < 128.6.
References		https://www.mozilla.org/security/advisories/mfsa2025-04/ https://www.mozilla.org/security/advisories/mfsa2025-05/

Wed, 08 Jan 2025 16:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-863
Metrics		cvssV3_1 `{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 07 Jan 2025 16:15:00 +0000

Type	Values Removed	Values Added
Description		The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134 and Firefox ESR < 128.6.
References		https://bugzilla.mozilla.org/show_bug.cgi?id=1915257 https://www.mozilla.org/security/advisories/mfsa2025-01/ https://www.mozilla.org/security/advisories/mfsa2025-02/

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2025-01-07T16:07:05.787Z

Updated: 2025-01-13T21:54:58.675Z

Reserved: 2025-01-06T14:48:59.270Z

Link: CVE-2025-0237

Vulnrichment

Updated: 2025-01-08T16:01:12.491Z

NVD

Status : Analyzed

Published: 2025-01-07T16:15:38.323

Modified: 2025-04-03T16:29:29.923

Link: CVE-2025-0237

Redhat

Severity : Moderate

Publid Date: 2025-01-07T16:07:05Z

Links: CVE-2025-0237 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0237", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-01-06T14:48:59.270Z", "datePublished": "2025-01-07T16:07:05.787Z", "dateUpdated": "2025-01-13T21:54:58.675Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "134", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "128.6", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "134", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "128.6", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6."}]}], "problemTypes": [{"descriptions": [{"description": "WebChannel APIs susceptible to confused deputy attack", "lang": "en", "type": "text"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-01/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-02/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-04/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-05/"}], "credits": [{"lang": "en", "value": "Andrew McCreight"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2025-01-13T21:54:58.675Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-863", "lang": "en", "description": "CWE-863 Incorrect Authorization"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-08T15:57:56.339970Z", "id": "CVE-2025-0237", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-08T16:01:17.580Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-0237", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-08T15:57:56.339970Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-08T16:01:12.491Z"}}], "cna": {"credits": [{"lang": "en", "value": "Andrew McCreight"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "134", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "128.6", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "134", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "128.6", "versionType": "custom"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-01/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-02/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-04/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-05/"}], "descriptions": [{"lang": "en", "value": "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.", "supportingMedia": [{"type": "text/html", "value": "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "WebChannel APIs susceptible to confused deputy attack"}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2025-01-13T21:54:58.675Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0237", "state": "PUBLISHED", "dateUpdated": "2025-01-13T21:54:58.675Z", "dateReserved": "2025-01-06T14:48:59.270Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-01-07T16:07:05.787Z", "assignerShortName": "mozilla"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "AEBB7F43-496D-4A67-8E9E-EEE29913B6DE", "versionEndExcluding": "128.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FDCA935-A68D-404E-A749-CA3845C709F0", "versionEndExcluding": "134.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "C92D62DE-A681-4B9D-9640-D12D04392A1B", "versionEndExcluding": "128.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "A633E231-80F8-4A92-BA69-B9BE5BE45D00", "versionEndExcluding": "134.0", "versionStartIncluding": "129.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6."}, {"lang": "es", "value": "La WebChannel API, que se utiliza para transportar informaci\u00f3n diversa entre procesos, no comprob\u00f3 el principal de env\u00edo, sino que acept\u00f3 el principal enviado. Esto podr\u00eda haber provocado ataques de escalada de privilegios. Esta vulnerabilidad afecta a Firefox < 134 y Firefox ESR < 128.6."}], "id": "CVE-2025-0237", "lastModified": "2025-04-03T16:29:29.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-01-07T16:15:38.323", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:0132", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "firefox-0:128.6.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0144", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:128.6.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0281", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:128.6.0-3.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0133", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "firefox-0:128.6.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0286", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "thunderbird-0:128.6.0-3.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0134", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "firefox-0:128.6.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0287", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "thunderbird-0:128.6.0-3.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0134", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "firefox-0:128.6.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0287", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "thunderbird-0:128.6.0-3.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0134", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "firefox-0:128.6.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0287", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "thunderbird-0:128.6.0-3.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0136", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "firefox-0:128.6.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0275", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "thunderbird-0:128.6.0-3.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0136", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "firefox-0:128.6.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0275", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "thunderbird-0:128.6.0-3.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0136", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "firefox-0:128.6.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0275", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "thunderbird-0:128.6.0-3.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0137", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "firefox-0:128.6.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0284", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "thunderbird-0:128.6.0-3.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2025-01-13T00:00:00Z"}, {"advisory": "RHSA-2025:0080", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:128.6.0-1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-01-08T00:00:00Z"}, {"advisory": "RHSA-2025:0147", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:128.6.0-3.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0162", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "firefox-0:128.6.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0165", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "thunderbird-0:128.6.0-3.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0138", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "firefox-0:128.6.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0167", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "thunderbird-0:128.6.0-3.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0135", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "firefox-0:128.6.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0166", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "thunderbird-0:128.6.0-3.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-01-09T00:00:00Z"}], "bugzilla": {"description": "firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack", "id": "2336182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336182"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-441", "details": ["The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.", "A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks."], "name": "CVE-2025-0237", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "firefox:flatpak/firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "thunderbird:flatpak/thunderbird", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-07T16:07:05Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-0237\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-0237\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1915257\nhttps://www.mozilla.org/security/advisories/mfsa2025-01/\nhttps://www.mozilla.org/security/advisories/mfsa2025-02/"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Moderate"}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object