Search CVE reports

261 – 270 of 3127 results

Detailed view

Sort by:

CVE-2025-13020

Medium priority

Some fixes available 1 of 11

Use-after-free in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

CVE-2025-13019

Medium priority

Some fixes available 1 of 11

Same-origin policy bypass in the DOM: Workers component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

CVE-2025-13018

Medium priority

Some fixes available 1 of 11

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

CVE-2025-13017

Medium priority

Some fixes available 1 of 11

Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

CVE-2025-13016

Medium priority

Some fixes available 1 of 11

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

CVE-2025-13015

Medium priority

Some fixes available 1 of 11

Spoofing issue in Firefox. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

CVE-2025-13014

Medium priority

Some fixes available 1 of 11

Use-after-free in the Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

CVE-2025-13013

Medium priority

Some fixes available 1 of 11

Mitigation bypass in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

CVE-2025-13012

Medium priority

Some fixes available 1 of 11

Race condition in the Graphics component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Fixed	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox....

2 affected packages

firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Not affected	—	—
thunderbird	—	Not affected	Not affected	—	—

Export to JSON

Results by page: