CVE-2025-49709
published 2025-06-11CVE-2025-49709: Certain canvas operations could have lead to memory corruption. This vulnerability was fixed in Firefox 139.0.4.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Certain canvas operations could have lead to memory corruption. This vulnerability was fixed in Firefox 139.0.4.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 139.0.4-1 (sid) | firefox 139.0.4-1 (sid) |
| mozilla | firefox | < 139.0.4 | 139.0.4 |
| mozilla | firefox | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL