CVE-2025-3028 - K7 Labs

CVE Number	Vulnerability	Product	Severity	Date
CVE-2025-3028	Firefox Use-after-free Vulnerability	Firefox	Medium	29-04-2025

Javascript code running in Firefox while transforming a document with the XSLTProcessor could lead to a use-after-free.

Patch release date: Apr 08, 2025
Further information on this vulnerability is available at :
https://www.mozilla.org/en-US/security/advisories/mfsa2025-20/

Firefox < 137.0