CVE-2025-9182
published 2025-08-19CVE-2025-9182: Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability was fixed in Firefox 142, Firefox ESR 140.2, Thunderbird 142…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability was fixed in Firefox 142, Firefox ESR 140.2, Thunderbird 142, and Thunderbird 140.2.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 142.0-1 (sid) | firefox 142.0-1 (sid) |
| mozilla | firefox | < 140.2.0 | 140.2.0 |
| mozilla | firefox | < 142.0 | 142.0 |
| mozilla | firefox | — | — |
| mozilla | thunderbird | < 140.2.0 | 140.2.0 |
| mozilla | thunderbird | < 142.0 | 142.0 |
| mozilla | thunderbird | >= 0 < 1:140.7.1+build1-0ubuntu0.22.04.1 | 1:140.7.1+build1-0ubuntu0.22.04.1 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH