vulnerability

MFSA2025-19 Firefox: Security Vulnerability fixed in Firefox 136.0.4, Firefox ESR 128.8.1, Firefox ESR 115.21.1 (CVE-2025-2783)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:H/Au:N/C:C/I:C/A:C)	2025-03-27	2025-03-28	2025-03-31

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Published

2025-03-27

Added

2025-03-28

Modified

2025-03-31

Description

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

Solution(s)

mozilla-firefox-esr-upgrade-115_21_1mozilla-firefox-esr-upgrade-128_8_1mozilla-firefox-upgrade-136_0_4

References

CVE-2025-2783
https://attackerkb.com/topics/CVE-2025-2783
URL-http://www.mozilla.org/security/announce/2025/mfsa2025-19.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today