CVE-2025-1942

When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability was fixed in Firefox 136 and Thunderbird 136.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1947139	Issue Tracking
https://www.mozilla.org/security/advisories/mfsa2025-14/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2025-17/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

History

13 Apr 2026, 15:16

Type	Values Removed	Values Added
Summary	(en) When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string This vulnerability affects Firefox < 136 and Thunderbird < 136.	(en) When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability was fixed in Firefox 136 and Thunderbird 136.

28 Mar 2025, 20:10

Type	Values Removed	Values Added
References	~~() https://bugzilla.mozilla.org/show_bug.cgi?id=1947139 -~~	() https://bugzilla.mozilla.org/show_bug.cgi?id=1947139 - Issue Tracking
References	~~() https://www.mozilla.org/security/advisories/mfsa2025-14/ -~~	() https://www.mozilla.org/security/advisories/mfsa2025-14/ - Vendor Advisory
References	~~() https://www.mozilla.org/security/advisories/mfsa2025-17/ -~~	() https://www.mozilla.org/security/advisories/mfsa2025-17/ - Vendor Advisory
First Time		Mozilla firefox Mozilla thunderbird Mozilla
CPE		cpe:2.3:a:mozilla:firefox:::::::: cpe:2.3:a:mozilla:thunderbird::::::::

25 Mar 2025, 15:15

Type	Values Removed	Values Added
CWE		CWE-908
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8

12 Mar 2025, 17:15

Type	Values Removed	Values Added
Summary		(es) Cuando String.toUpperCase() hacía que una cadena se hiciera más larga, era posible que la memoria no inicializada se incorporara a la cadena de resultado. Esta vulnerabilidad afecta a Firefox < 136 y Thunderbird < 136.
CWE	~~CWE-908~~
CVSS	v2 : ~~unknown~~ v3 : ~~6.5~~	v2 : unknown v3 : unknown

05 Mar 2025, 00:15

Type	Values Removed	Values Added
Summary	~~(en) When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string This vulnerability affects Firefox < 136.~~	(en) When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string This vulnerability affects Firefox < 136 and Thunderbird < 136.
References		() https://www.mozilla.org/security/advisories/mfsa2025-17/ -

04 Mar 2025, 16:15

Type	Values Removed	Values Added
CWE		CWE-908
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5

04 Mar 2025, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-04 14:15

Updated : 2026-04-13 15:16

NVD link : CVE-2025-1942

Mitre link : CVE-2025-1942

CVE.ORG link : CVE-2025-1942

JSON object : View

Products Affected

mozilla

thunderbird
firefox

CWE

CWE-908

Use of Uninitialized Resource

9.8 /10