CVE-2025-3608

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 15, 2025

Updated: Apr 18, 2025

CWE ID 362

Summary

CVE-2025-3608: A critical race condition was identified in Firefox's nsHttpTransaction module. This issue could lead to memory corruption, potentially exposing users to exploitable conditions. The vulnerability affects Firefox versions prior to 137.0.2. An attacker could exploit this flaw through maliciously crafted web content, gaining unauthorized access or executing arbitrary code. Users are advised to update their Firefox browsers to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mozilla Firefox

Affected Vendors

Mozilla

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/5OxIFN
https://www.cve.org/CVERecord?id=CVE-2025-3608
https://nvd.nist.gov/vuln/detail/CVE-2025-3608

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners