Vulnerability-Lookup

CVE-2025-11714 (GCVE-0-2025-11714)

Vulnerability from cvelistv5 – Published: 2025-10-14 12:27 – Updated: 2026-04-13 14:29

Title

Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144

Summary

Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write
CWE-125 - Out-of-bounds Read
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

mozilla

References

6 references

URL	Tags
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1…
https://www.mozilla.org/security/advisories/mfsa2…
https://www.mozilla.org/security/advisories/mfsa2…
https://www.mozilla.org/security/advisories/mfsa2…
https://www.mozilla.org/security/advisories/mfsa2…
https://www.mozilla.org/security/advisories/mfsa2…

Impacted products

2 products

Vendor	Product	Version
Mozilla	Firefox	Unaffected: 115.29 , ≤ 115.* (rpm) Unaffected: 140.4 , ≤ 140.* (rpm) Unaffected: 144 , ≤ * (rpm)
Mozilla	Thunderbird	Unaffected: 140.4 , ≤ 140.* (rpm) Unaffected: 144 , ≤ * (rpm)

Credits

The Mozilla Fuzzing Team

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-11714",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-21T03:55:19.323937Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-119",
                "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:47:39.825Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:01.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "115.*",
              "status": "unaffected",
              "version": "115.29",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.4",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "144",
              "versionType": "rpm"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.4",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "144",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "The Mozilla Fuzzing Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4."
            }
          ],
          "value": "Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-13T14:29:23.290Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "name": "Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144",
          "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/"
        }
      ],
      "title": "Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2025-11714",
    "datePublished": "2025-10-14T12:27:34.820Z",
    "dateReserved": "2025-10-13T19:50:12.815Z",
    "dateUpdated": "2026-04-13T14:29:23.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-11714",
      "date": "2026-05-24",
      "epss": "0.00061",
      "percentile": "0.18942"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-11714\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2025-10-14T13:15:37.680\",\"lastModified\":\"2026-04-13T15:16:40.350\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"},{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*\",\"versionEndExcluding\":\"115.29.0\",\"matchCriteriaId\":\"45205EB8-E615-4FE6-877C-231B4A29F86E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*\",\"versionEndExcluding\":\"144.0\",\"matchCriteriaId\":\"CEE2F6DA-4331-4D6D-B01B-610DFDBE1833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*\",\"versionStartIncluding\":\"116.0\",\"versionEndExcluding\":\"140.4.0\",\"matchCriteriaId\":\"34B8F1CA-9F1A-4484-828E-4192CF1FEAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"140.4.0\",\"matchCriteriaId\":\"7C6D96D2-1E0E-4A18-B8B1-21F67E1AB441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"141.0\",\"versionEndExcluding\":\"144.0\",\"matchCriteriaId\":\"0BD75942-93B9-47A4-9762-05965EBD7FFF\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\",\"Issue Tracking\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2025-81/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2025-82/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2025-83/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2025-84/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2025-85/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T17:32:01.391Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-11714\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-21T03:55:19.323937Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-15T13:28:37.515Z\"}}], \"cna\": {\"title\": \"Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144\", \"credits\": [{\"lang\": \"en\", \"value\": \"The Mozilla Fuzzing Team\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"115.29\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"115.*\"}, {\"status\": \"unaffected\", \"version\": \"140.4\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"140.*\"}, {\"status\": \"unaffected\", \"version\": \"144\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"*\"}]}, {\"vendor\": \"Mozilla\", \"product\": \"Thunderbird\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"140.4\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"140.*\"}, {\"status\": \"unaffected\", \"version\": \"144\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"*\"}]}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113\", \"name\": \"Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2025-81/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2025-82/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2025-83/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2025-84/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2025-85/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2026-04-13T14:29:23.290Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-11714\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T14:29:23.290Z\", \"dateReserved\": \"2025-10-13T19:50:12.815Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2025-10-14T12:27:34.820Z\", \"assignerShortName\": \"mozilla\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2025-AVI-0873

Vulnerability from certfr_avis - Published: 2025-10-15 - Updated: 2025-10-15

De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Mozilla	Firefox	Firefox versions antérieures à 144
Mozilla	Thunderbird	Thunderbird versions antérieures à 144
Mozilla	Firefox ESR	Firefox ESR versions antérieures à 115.29
Mozilla	Firefox ESR	Firefox ESR versions antérieures à 140.4
Mozilla	Thunderbird	Thunderbird versions antérieures à 140.4

References

Title

Publication Time

CERTFR-2025-AVI-0873

Vulnerability from certfr_avis - Published: 2025-10-15 - Updated: 2025-10-15

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Mozilla	Firefox	Firefox versions antérieures à 144
Mozilla	Thunderbird	Thunderbird versions antérieures à 144
Mozilla	Firefox ESR	Firefox ESR versions antérieures à 115.29
Mozilla	Firefox ESR	Firefox ESR versions antérieures à 140.4
Mozilla	Thunderbird	Thunderbird versions antérieures à 140.4

References

Title

Publication Time

alsa-2025:18154

Vulnerability from osv_almalinux

Published

2025-10-15 00:00

Modified

2025-10-20 12:30

Summary

Important: firefox security update

Details

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2025:18154	ADVISORY
	https://access.redhat.com/security/cve/CVE-2025-11708	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11709	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11710	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11711	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11712	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11714	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11715	REPORT
	https://bugzilla.redhat.com/2403763	REPORT
	https://bugzilla.redhat.com/2403765	REPORT
	https://bugzilla.redhat.com/2403768	REPORT
	https://bugzilla.redhat.com/2403769	REPORT
	https://bugzilla.redhat.com/2403770	REPORT
	https://bugzilla.redhat.com/2403774	REPORT
	https://bugzilla.redhat.com/2403776	REPORT
	https://errata.almalinux.org/10/ALSA-2025-18154.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "firefox"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-3.el10_0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18154",
  "modified": "2025-10-20T12:30:08Z",
  "published": "2025-10-15T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18154"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/10/ALSA-2025-18154.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: firefox security update"
}

alsa-2025:18155

Vulnerability from osv_almalinux

Published

2025-10-15 00:00

Modified

2025-10-20 12:31

Summary

Important: firefox security update

Details

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2025:18155	ADVISORY
	https://access.redhat.com/security/cve/CVE-2025-11708	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11709	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11710	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11711	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11712	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11714	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11715	REPORT
	https://bugzilla.redhat.com/2403763	REPORT
	https://bugzilla.redhat.com/2403765	REPORT
	https://bugzilla.redhat.com/2403768	REPORT
	https://bugzilla.redhat.com/2403769	REPORT
	https://bugzilla.redhat.com/2403770	REPORT
	https://bugzilla.redhat.com/2403774	REPORT
	https://bugzilla.redhat.com/2403776	REPORT
	https://errata.almalinux.org/9/ALSA-2025-18155.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "firefox"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-3.el9_6.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "firefox-x11"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-3.el9_6.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18155",
  "modified": "2025-10-20T12:31:42Z",
  "published": "2025-10-15T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18155"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2025-18155.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: firefox security update"
}

alsa-2025:18285

Vulnerability from osv_almalinux

Published

2025-10-20 00:00

Modified

2025-10-20 11:50

Summary

Important: firefox security update

Details

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2025:18285	ADVISORY
	https://access.redhat.com/security/cve/CVE-2025-11708	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11709	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11710	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11711	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11712	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11714	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11715	REPORT
	https://bugzilla.redhat.com/2403763	REPORT
	https://bugzilla.redhat.com/2403765	REPORT
	https://bugzilla.redhat.com/2403768	REPORT
	https://bugzilla.redhat.com/2403769	REPORT
	https://bugzilla.redhat.com/2403770	REPORT
	https://bugzilla.redhat.com/2403774	REPORT
	https://bugzilla.redhat.com/2403776	REPORT
	https://errata.almalinux.org/8/ALSA-2025-18285.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "firefox"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-3.el8_10.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18285",
  "modified": "2025-10-20T11:50:28Z",
  "published": "2025-10-20T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18285"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2025-18285.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: firefox security update"
}

alsa-2025:18320

Vulnerability from osv_almalinux

Published

2025-10-20 00:00

Modified

2025-10-22 10:33

Summary

Important: thunderbird security update

Details

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2025:18320	ADVISORY
	https://access.redhat.com/security/cve/CVE-2025-11708	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11709	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11710	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11711	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11712	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11714	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11715	REPORT
	https://bugzilla.redhat.com/2403763	REPORT
	https://bugzilla.redhat.com/2403765	REPORT
	https://bugzilla.redhat.com/2403768	REPORT
	https://bugzilla.redhat.com/2403769	REPORT
	https://bugzilla.redhat.com/2403770	REPORT
	https://bugzilla.redhat.com/2403774	REPORT
	https://bugzilla.redhat.com/2403776	REPORT
	https://errata.almalinux.org/10/ALSA-2025-18320.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "thunderbird"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-2.el10_0.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Thunderbird is a standalone mail and newsgroup client.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18320",
  "modified": "2025-10-22T10:33:35Z",
  "published": "2025-10-20T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18320"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/10/ALSA-2025-18320.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: thunderbird security update"
}

alsa-2025:18321

Vulnerability from osv_almalinux

Published

2025-10-20 00:00

Modified

2025-10-22 10:38

Summary

Important: thunderbird security update

Details

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2025:18321	ADVISORY
	https://access.redhat.com/security/cve/CVE-2025-11708	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11709	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11710	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11711	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11712	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11714	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11715	REPORT
	https://bugzilla.redhat.com/2403763	REPORT
	https://bugzilla.redhat.com/2403765	REPORT
	https://bugzilla.redhat.com/2403768	REPORT
	https://bugzilla.redhat.com/2403769	REPORT
	https://bugzilla.redhat.com/2403770	REPORT
	https://bugzilla.redhat.com/2403774	REPORT
	https://bugzilla.redhat.com/2403776	REPORT
	https://errata.almalinux.org/9/ALSA-2025-18321.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "thunderbird"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-2.el9_6.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Thunderbird is a standalone mail and newsgroup client.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18321",
  "modified": "2025-10-22T10:38:17Z",
  "published": "2025-10-20T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18321"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2025-18321.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: thunderbird security update"
}

alsa-2025:18983

Vulnerability from osv_almalinux

Published

2025-10-22 00:00

Modified

2025-10-27 08:16

Summary

Important: thunderbird security update

Details

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2025:18983	ADVISORY
	https://access.redhat.com/security/cve/CVE-2025-11708	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11709	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11710	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11711	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11712	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11714	REPORT
	https://access.redhat.com/security/cve/CVE-2025-11715	REPORT
	https://bugzilla.redhat.com/2403763	REPORT
	https://bugzilla.redhat.com/2403765	REPORT
	https://bugzilla.redhat.com/2403768	REPORT
	https://bugzilla.redhat.com/2403769	REPORT
	https://bugzilla.redhat.com/2403770	REPORT
	https://bugzilla.redhat.com/2403774	REPORT
	https://bugzilla.redhat.com/2403776	REPORT
	https://errata.almalinux.org/8/ALSA-2025-18983.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "thunderbird"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-2.el8_10.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Thunderbird is a standalone mail and newsgroup client.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18983",
  "modified": "2025-10-27T08:16:53Z",
  "published": "2025-10-22T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18983"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2025-18983.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: thunderbird security update"
}

CNVD-2025-24626

Vulnerability from cnvd - Published: 2025-10-23

Title

多款Mozilla产品代码执行漏洞（CNVD-2025-24626）

Description

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。Mozilla Firefox ESR是Firefox（Web浏览器）的一个延长支持版本。Mozilla Thunderbird是电子邮件客户端软件，支持IMAP、POP邮件协议以及HTML邮件格式。多款Mozilla产品存在代码执行漏洞，攻击者可利用该漏洞执行任意代码或导致拒绝服务。

Severity

高

Patch Name

多款Mozilla产品代码执行漏洞（CNVD-2025-24626）的补丁

Patch Description

Formal description

厂商已提供漏洞修复方案，请关注厂商主页更新： https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113

Reference

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113

Impacted products

Name
['Mozilla Firefox <144', 'Mozilla Firefox ESR <115.29', 'Mozilla Firefox ESR <140.4', 'Mozilla Thunderbird <144', 'Mozilla Thunderbird <140.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-11714",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-11714"
    }
  },
  "description": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002Mozilla Firefox ESR\u662fFirefox\uff08Web\u6d4f\u89c8\u5668\uff09\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002Mozilla Thunderbird\u662f\u7535\u5b50\u90ae\u4ef6\u5ba2\u6237\u7aef\u8f6f\u4ef6\uff0c\u652f\u6301IMAP\u3001POP\u90ae\u4ef6\u534f\u8bae\u4ee5\u53caHTML\u90ae\u4ef6\u683c\u5f0f\u3002\n\n\u591a\u6b3eMozilla\u4ea7\u54c1\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u5382\u5546\u5df2\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-24626",
  "openTime": "2025-10-23",
  "patchDescription": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002Mozilla Firefox ESR\u662fFirefox\uff08Web\u6d4f\u89c8\u5668\uff09\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002Mozilla Thunderbird\u662f\u7535\u5b50\u90ae\u4ef6\u5ba2\u6237\u7aef\u8f6f\u4ef6\uff0c\u652f\u6301IMAP\u3001POP\u90ae\u4ef6\u534f\u8bae\u4ee5\u53caHTML\u90ae\u4ef6\u683c\u5f0f\u3002\r\n\r\n\u591a\u6b3eMozilla\u4ea7\u54c1\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eMozilla\u4ea7\u54c1\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2025-24626\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mozilla Firefox \u003c144",
      "Mozilla Firefox ESR \u003c115.29",
      "Mozilla Firefox ESR \u003c140.4",
      "Mozilla Thunderbird \u003c144",
      "Mozilla Thunderbird \u003c140.4"
    ]
  },
  "referenceLink": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113",
  "serverity": "\u9ad8",
  "submitTime": "2025-10-17",
  "title": "\u591a\u6b3eMozilla\u4ea7\u54c1\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2025-24626\uff09"
}

FKIE_CVE-2025-11714

Vulnerability from fkie_nvd - Published: 2025-10-14 13:15 - Updated: 2026-04-13 15:16

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@mozilla.org	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113	Broken Link, Issue Tracking
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-81/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-82/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-83/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-84/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-85/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html

Impacted products

Vendor	Product	Version
mozilla	firefox	*
mozilla	firefox	*
mozilla	firefox	*
mozilla	thunderbird	*
mozilla	thunderbird	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
              "matchCriteriaId": "45205EB8-E615-4FE6-877C-231B4A29F86E",
              "versionEndExcluding": "115.29.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "CEE2F6DA-4331-4D6D-B01B-610DFDBE1833",
              "versionEndExcluding": "144.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
              "matchCriteriaId": "34B8F1CA-9F1A-4484-828E-4192CF1FEAFC",
              "versionEndExcluding": "140.4.0",
              "versionStartIncluding": "116.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C6D96D2-1E0E-4A18-B8B1-21F67E1AB441",
              "versionEndExcluding": "140.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD75942-93B9-47A4-9762-05965EBD7FFF",
              "versionEndExcluding": "144.0",
              "versionStartIncluding": "141.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4."
    }
  ],
  "id": "CVE-2025-11714",
  "lastModified": "2026-04-13T15:16:40.350",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-10-14T13:15:37.680",
  "references": [
    {
      "source": "security@mozilla.org",
      "tags": [
        "Broken Link",
        "Issue Tracking"
      ],
      "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html"
    }
  ],
  "sourceIdentifier": "security@mozilla.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "CWE-125"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-11714 (GCVE-0-2025-11714)

Solutions

Solutions

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Tags

Sightings

Nomenclature