Description
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
- Race condition vulnerability in the Graphics component can be exploited to cause denial of service.
- Incorrect boundary conditions vulnerability in the JavaScript: WebAssembly component can be exploited to cause denial of service.
- Same-origin policy bypass vulnerability in the DOM: Notifications component can be exploited to bypass security restrictions.
- Mitigation bypass vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
- Same-origin policy bypass vulnerability in the DOM: Workers component can be exploited to bypass security restrictions.
- Mitigation bypass vulnerability in the DOM: Core & HTML component can be exploited to bypass security restrictions.
- Use-after-free vulnerability in the WebRTC: Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
- Use-after-free vulnerability in the Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
- Spoofing vulnerability in Firefox can be exploited to spoof user interface.
Original advisories
Related products
CVE list
- CVE-2025-13012 critical
- CVE-2025-13013 high
- CVE-2025-13014 critical
- CVE-2025-13015 warning
- CVE-2025-13016 critical
- CVE-2025-13017 critical
- CVE-2025-13018 critical
- CVE-2025-13019 critical
- CVE-2025-13020 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!