admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-29 14:00:38 +00:00
parent 812e00941f
commit fac13ba307
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
19 changed files with 1892 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
2025/2xxx/CVE-2025-2817.json
View File

@ -1,18 +1,131 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2817",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation in Firefox Updater"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1917536",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1917536"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-29/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-30/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-32/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-32/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Dong-uk Kim (@justlikebono)"
}
]
}

70
2025/3xxx/CVE-2025-3301.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3301",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@silabs.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to use the impacted crypto curves and operations with ephemeral keys to reduce the number of DPA traces that can be collected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1255 Comparison Logic is Vulnerable to Power Side-Channel Attacks",
"cweId": "CWE-1255"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "silabs.com",
"product": {
"product_data": [
{
"product_name": "Series 2 SoCs and associated modules",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "all released hardware revisions",
"status": "affected",
"version": "0",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://community.silabs.com/068Vm00000O8qbY",
"refsource": "MISC",
"name": "https://community.silabs.com/068Vm00000O8qbY"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
}
}

114
2025/4xxx/CVE-2025-4061.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4061",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, was found in code-projects Clothing Store Management System up to 1.0. Affected is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in code-projects Clothing Store Management System bis 1.0 gefunden. Sie wurde als kritisch eingestuft. Dabei betrifft es die Funktion add_item. Mittels dem Manipulieren des Arguments st.productname mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "code-projects",
"product": {
"product_data": [
{
"product_name": "Clothing Store Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.306498",
"refsource": "MISC",
"name": "https://vuldb.com/?id.306498"
},
{
"url": "https://vuldb.com/?ctiid.306498",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.306498"
},
{
"url": "https://vuldb.com/?submit.559447",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.559447"
},
{
"url": "https://github.com/zzzxc643/cve/blob/main/Clothing_store_mgmt.md",
"refsource": "MISC",
"name": "https://github.com/zzzxc643/cve/blob/main/Clothing_store_mgmt.md"
},
{
"url": "https://code-projects.org/",
"refsource": "MISC",
"name": "https://code-projects.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "zzzxc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

114
2025/4xxx/CVE-2025-4062.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4062",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been found in code-projects Theater Seat Booking System 1.0 and classified as critical. Affected by this vulnerability is the function cancel. The manipulation of the argument cancelcustomername leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "In code-projects Theater Seat Booking System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Hierbei betrifft es die Funktion cancel. Mittels Manipulieren des Arguments cancelcustomername mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "code-projects",
"product": {
"product_data": [
{
"product_name": "Theater Seat Booking System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.306499",
"refsource": "MISC",
"name": "https://vuldb.com/?id.306499"
},
{
"url": "https://vuldb.com/?ctiid.306499",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.306499"
},
{
"url": "https://vuldb.com/?submit.559452",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.559452"
},
{
"url": "https://github.com/zzzxc643/cve/blob/main/Theatre_booking_System.md",
"refsource": "MISC",
"name": "https://github.com/zzzxc643/cve/blob/main/Theatre_booking_System.md"
},
{
"url": "https://code-projects.org/",
"refsource": "MISC",
"name": "https://code-projects.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "zzzxc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

114
2025/4xxx/CVE-2025-4063.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4063",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in code-projects Student Information Management System 1.0 and classified as critical. Affected by this issue is the function cancel. The manipulation of the argument first_name/last_name leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in code-projects Student Information Management System 1.0 gefunden. Sie wurde als kritisch eingestuft. Davon betroffen ist die Funktion cancel. Durch das Manipulieren des Arguments first_name/last_name mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "code-projects",
"product": {
"product_data": [
{
"product_name": "Student Information Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.306500",
"refsource": "MISC",
"name": "https://vuldb.com/?id.306500"
},
{
"url": "https://vuldb.com/?ctiid.306500",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.306500"
},
{
"url": "https://vuldb.com/?submit.559466",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.559466"
},
{
"url": "https://github.com/zzzxc643/cve/blob/main/Student_Info_System.md",
"refsource": "MISC",
"name": "https://github.com/zzzxc643/cve/blob/main/Student_Info_System.md"
},
{
"url": "https://code-projects.org/",
"refsource": "MISC",
"name": "https://code-projects.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "zzzxc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

109
2025/4xxx/CVE-2025-4064.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4064",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/viewenquiry.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in ScriptAndTools Online-Travling-System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei /admin/viewenquiry.php. Durch Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Incorrect Privilege Assignment",
"cweId": "CWE-266"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ScriptAndTools",
"product": {
"product_data": [
{
"product_name": "Online-Travling-System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.306501",
"refsource": "MISC",
"name": "https://vuldb.com/?id.306501"
},
{
"url": "https://vuldb.com/?ctiid.306501",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.306501"
},
{
"url": "https://vuldb.com/?submit.559467",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.559467"
},
{
"url": "https://www.websecurityinsights.my.id/2025/04/script-and-tools-online-travling-system.html",
"refsource": "MISC",
"name": "https://www.websecurityinsights.my.id/2025/04/script-and-tools-online-travling-system.html"
}
]
},
"credits": [
{
"lang": "en",
"value": "MaloyRoyOrko (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
}
]
}

131
2025/4xxx/CVE-2025-4082.json Normal file
View File

@ -0,0 +1,131 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4082",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges.\n*This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "WebGL shader attribute memory corruption in Firefox for macOS"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1937097",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1937097"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-29/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-30/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-32/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-32/"
}
]
},
"credits": [
{
"lang": "en",
"value": "un3xploitable & GF"
}
]
}

131
2025/4xxx/CVE-2025-4083.json Normal file
View File

@ -0,0 +1,131 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4083",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Process isolation bypass using \"javascript:\" URI links in cross-origin frames"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1958350",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1958350"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-29/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-30/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-32/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-32/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Nika Layzell"
}
]
}

97
2025/4xxx/CVE-2025-4084.json Normal file
View File

@ -0,0 +1,97 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4084",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to insufficient escaping of the special characters in the \"copy as cURL\" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.\n*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox ESR < 128.10, Firefox ESR < 115.23, and Thunderbird ESR < 128.10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential local code execution in \"copy as cURL\" command"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
},
{
"product_name": "Thunderbird ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-29/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-30/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-32/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-32/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ameen Basha M K"
}
]
}

92
2025/4xxx/CVE-2025-4085.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4085",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox < 138 and Thunderbird < 138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential information leakage and privilege escalation in UITour actor"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915280",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915280"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Andrew McCreight"
}
]
}

92
2025/4xxx/CVE-2025-4086.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4086",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog.\n*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 138 and Thunderbird < 138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Specially crafted filename could be used to obscure download type"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1945705",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1945705"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Hafiizh"
}
]
}

126
2025/4xxx/CVE-2025-4087.json Normal file
View File

@ -0,0 +1,126 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4087",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird ESR < 128.10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unsafe attribute access during XPath parsing"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1952465",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1952465"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-29/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-32/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-32/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ivan Fratric"
}
]
}

92
2025/4xxx/CVE-2025-4088.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4088",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security vulnerability in Firefox allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability affects Firefox < 138 and Thunderbird < 138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery via storage access API redirects"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1953521",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1953521"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Chris P. Fredrickson"
}
]
}

92
2025/4xxx/CVE-2025-4089.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4089",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to insufficient escaping of special characters in the \"copy as cURL\" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 138 and Thunderbird < 138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential local code execution in \"copy as cURL\" command"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ameen Basha M K"
}
]
}

92
2025/4xxx/CVE-2025-4090.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4090",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability existed in Firefox for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Leaked library paths in Firefox for Android"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929478",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929478"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Seongyun Jeong"
}
]
}

126
2025/4xxx/CVE-2025-4091.json Normal file
View File

@ -0,0 +1,126 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4091",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird ESR < 128.10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-29/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-32/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-32/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Maurice Dauer and the Mozilla Fuzzing Team"
}
]
}

92
2025/4xxx/CVE-2025-4092.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4092",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 138 and Thunderbird 138"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "138"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1924108%2C1950780%2C1959367",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1924108%2C1950780%2C1959367"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-28/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-28/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-31/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-31/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Randell Jesup, Jens Stutte, and the Mozilla Fuzzing Team"
}
]
}

92
2025/4xxx/CVE-2025-4093.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4093",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird ESR < 128.10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
},
{
"product_name": "Thunderbird ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "128.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1894100",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1894100"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-29/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-32/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2025-32/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Andrew McCreight"
}
]
}

18
2025/4xxx/CVE-2025-4094.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4094",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}