CVE-2025-3032

High

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability…

mozilla·CWE-403·Published 2025-04-01

CVSS

7.4

EPSS

0.00

KEV

Exploits

cve.orgen

184 chars

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137.

NVDen

184 chars

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137.

La filtración de descriptores de archivos del servidor de bifurcación a los procesos de contenido web podría permitir ataques de escalada de privilegios. Esta vulnerabilidad afecta a Firefox (versión anterior a la 137) y Thunderbird (versión anterior a la 137).

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.4	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
3.1	Primary	cve.org	7.4	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
3.1	Secondary	NVD	7.4	2.2	5.2	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N