Debian Firefox vulnerabilities

CVE-2025-1932 [HIGH] CVE-2025-1932: firefox - An inconsistent comparator in xslt/txNodeSorter could have resulted in potential... An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. Scope: local sid: resolved (fixed in 136.0-1)

CVE-2025-10534 [HIGH] CVE-2025-10534: firefox - Spoofing issue in the Site Permissions component. This vulnerability affects Fir... Spoofing issue in the Site Permissions component. This vulnerability affects Firefox < 143 and Thunderbird < 143. Scope: local sid: resolved (fixed in 143.0-1)

CVE-2025-14861 [HIGH] CVE-2025-14861: firefox - Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of... Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146.0.1. Scope: local sid: resolved (fixed in 146.0.1-1)

CVE-2025-10537 [HIGH] CVE-2025-10537: firefox - Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox ... Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3

CVE-2025-14329 [HIGH] CVE-2025-14329: firefox - Privilege escalation in the Netmonitor component. This vulnerability affects Fir... Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. Scope: local sid: resolved (fixed in 146.0-1)

CVE-2025-13020 [HIGH] CVE-2025-13020: firefox - Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects ... Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. Scope: local sid: resolved (fixed in 145.0-1)

CVE-2025-14328 [HIGH] CVE-2025-14328: firefox - Privilege escalation in the Netmonitor component. This vulnerability affects Fir... Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. Scope: local sid: resolved (fixed in 146.0-1)

CVE-2025-1933 [HIGH] CVE-2025-1933: firefox - On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bi... On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. Scope: local sid: resolved (fixed in 136.0-1)

CVE-2025-1011 [HIGH] CVE-2025-1011: firefox - A bug in WebAssembly code generation could have lead to a crash. It may have bee... A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. Scope: local sid: resolved (fixed in 135.0-1)

CVE-2025-1010 [HIGH] CVE-2025-1010: firefox - An attacker could have caused a use-after-free via the Custom Highlight API, lea... An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. Scope: local sid: resolved (fixed in 135.0-1)

CVE-2025-14323 [HIGH] CVE-2025-14323: firefox - Privilege escalation in the DOM: Notifications component. This vulnerability aff... Privilege escalation in the DOM: Notifications component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. Scope: local sid: resolved (fixed in 146.0-1)

CVE-2025-8029 [HIGH] CVE-2025-8029: firefox - Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. ... Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1. Scope: local sid: resolved (fixed in 141.0-1)

CVE-2025-1014 [HIGH] CVE-2025-1014: firefox - Certificate length was not properly checked when added to a certificate store. I... Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. Scope: local sid: resolved (fixed in 135.0-1)

CVE-2025-3030 [HIGH] CVE-2025-3030: firefox - Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, a... Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9. Sco

CVE-2025-6432 [HIGH] CVE-2025-6432: firefox - When Multi-Account Containers was enabled, DNS requests could have bypassed a SO... When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability affects Firefox < 140 and Thunderbird < 140. Scope: local sid: resolved (fixed in 140.0-1)

CVE-2025-13016 [HIGH] CVE-2025-13016: firefox - Incorrect boundary conditions in the JavaScript: WebAssembly component. This vul... Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. Scope: local sid: resolved (fixed in 145.0-1)

CVE-2025-8032 [HIGH] CVE-2025-8032: firefox - XSLT document loading did not correctly propagate the source document which bypa... XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1. Scope: local sid: resolved (fixed in 141.0-1)

CVE-2025-8034 [HIGH] CVE-2025-8034: firefox - Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbir... Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, F

CVE-2025-13025 [HIGH] CVE-2025-13025: firefox - Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerabil... Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145. Scope: local sid: resolved (fixed in 145.0-1)

CVE-2025-3032 [HIGH] CVE-2025-3032: firefox - Leaking of file descriptors from the fork server to web content processes could ... Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability affects Firefox < 137 and Thunderbird < 137. Scope: local sid: resolved (fixed in 137.0-1)