Security Advisory

Mozilla Product Security Update Advisory

  • Nov 17 2025
Mozilla Product Security Update Advisory

Overview

 

We have released security updates to fix vulnerabilities in Mozilla products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-13012, CVE-2025-13016, CVE-2025-13021, CVE-2025-13022, CVE-2025-13023, CVE-2025-13024, CVE-2025-13025, CVE-2025-13026, CVE-2025-13027

 

Firefox version: 145 and below
Firefox ESR Version: 140.5 and below
Firefox ESR version: 115.30 or earlier
Thunderbird version: below 140.5
Thunderbird version: 145 or less

 

 

Resolved Vulnerabilities

 

Race Condition Vulnerability in Graphics (CVE-2025-13012)
JavaScript: Incorrect Boundary Condition Vulnerability in WebAssembly (CVE-2025-13016)
Graphics: Incorrect Boundary Condition Vulnerability in WebGPU (CVE-2025-13021)
Graphics: Incorrect Boundary Condition Vulnerability in WebGPUs (CVE-2025-13022)
Graphics: Sandbox escape vulnerability due to incorrect boundary conditions in WebGPU (CVE-2025-13023)
JavaScript Engine: JIT misbehavior vulnerability in JIT (CVE-2025-13024)
Graphics: Incorrect Boundary Condition Vulnerability in WebGPU (CVE-2025-13025)
Graphics: Sandbox escape vulnerability due to incorrect boundary conditions in WebGPUs (CVE-2025-13026)
Memory Safety Vulnerability in Firefox and Thunderbird (CVE-2025-13027)

 

 

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-13012, CVE-2025-13016, CVE-2025-13021, CVE-2025-13022, CVE-2025-13023, CVE-2025-13024, CVE-2025-13025, CVE-2025-13026, CVE-2025-13027

 

Firefox version: 145
Firefox ESR Version: 140.5
Firefox ESR Version: 115.30
Thunderbird Version: 140.5
Thunderbird version: 145

 

 

References

 

[1] Mozilla Foundation Security Advisory 2025-87
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/
[2] Mozilla Foundation Security Advisory 2025-88
http://mozilla.org/en-US/security/advisories/mfsa2025-88/
[3] Mozilla Foundation Security Advisory 2025-89
https://www.mozilla.org/en-US/security/advisories/mfsa2025-89/
[4] Mozilla Foundation Security Advisory 2025-91
https://www.mozilla.org/en-US/security/advisories/mfsa2025-91/
[5] Mozilla Foundation Security Advisory 2025-90
https://www.mozilla.org/en-US/security/advisories/mfsa2025-90/

Tags:
Previous Post

Next Post