Multiple vulnerabilities in Mozilla Firefox

Описание

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. Incorrect boundary conditions vulnerability in the Graphics: WebGPU component can be exploited to cause denial of service.
2. Race condition vulnerability in the Graphics component can be exploited to cause denial of service.
3. Sandbox escape due to incorrect boundary conditions vulnerability in the Graphics: WebGPU component can be exploited to cause denial of service.
4. Incorrect boundary conditions vulnerability in the JavaScript: WebAssembly component can be exploited to cause denial of service.
5. JIT miscompilation vulnerability in the JavaScript Engine: JIT component can be exploited to cause denial of service.
6. Same-origin policy bypass vulnerability in the DOM: Notifications component can be exploited to bypass security restrictions.
7. Mitigation bypass vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
8. Same-origin policy bypass vulnerability in the DOM: Workers component can be exploited to bypass security restrictions.
9. Mitigation bypass vulnerability in the DOM: Core & HTML component can be exploited to bypass security restrictions.
10. Use-after-free vulnerability in the WebRTC: Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
11. Use-after-free vulnerability in the Audio/Video component can be exploited to cause denial of service or execute arbitrary code.
12. Spoofing vulnerability in Firefox can be exploited to spoof user interface.
13. Memory safety vulnerability in Firefox can be exploited to execute arbitrary code.

Первичный источник обнаружения

• MFSA2025-81
  

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• Mozilla-Firefox

Список CVE

• CVE-2025-13012
  critical
• CVE-2025-13013
  high
• CVE-2025-13014
  critical
• CVE-2025-13015
  warning
• CVE-2025-13016
  critical
• CVE-2025-13017
  critical
• CVE-2025-13018
  critical
• CVE-2025-13019
  critical
• CVE-2025-13020
  critical
• CVE-2025-13021
  critical
• CVE-2025-13022
  critical
• CVE-2025-13023
  critical
• CVE-2025-13024
  critical
• CVE-2025-13025
  critical
• CVE-2025-13026
  critical
• CVE-2025-13027
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com