CVE-2025-13015
published 2025-11-11CVE-2025-13015: Spoofing issue in Firefox. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30.
low3.4CVSS 3.1
AVNACHPRNUIRSCCLINAN
Spoofing issue in Firefox. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 145.0-1 (sid) | firefox 145.0-1 (sid) |
| debian | firefox-esr | < firefox 145.0-1 (sid) | firefox 145.0-1 (sid) |
| debian | thunderbird | < firefox 145.0-1 (sid) | firefox 145.0-1 (sid) |
| mozilla | firefox | < 115.30.0 | 115.30.0 |
| mozilla | firefox | < 145.0 | 145.0 |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 140.0 < 140.5.0 | 140.5.0 |
| mozilla | thunderbird | >= 0 < 1:140.5.0esr-1~deb11u1 | 1:140.5.0esr-1~deb11u1 |
| mozilla | thunderbird | >= 0 < 1:140.5.0esr-1~deb12u1 | 1:140.5.0esr-1~deb12u1 |
| mozilla | thunderbird | >= 0 < 1:140.5.0esr-1~deb13u1 | 1:140.5.0esr-1~deb13u1 |
| mozilla | thunderbird | >= 0 < 1:140.5.0esr-1 | 1:140.5.0esr-1 |
CVSS provenance
nvdv3.13.4LOWCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
osv3.4LOW