Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-13014

Опубликовано: 11 нояб. 2025
Источник: redhat
CVSS3: 6.1
EPSS Низкий

Описание

Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Audio/Video component.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10rhel10/firefox-flatpakAffected
Red Hat Enterprise Linux 10rhel10/thunderbird-flatpakAffected
Red Hat Enterprise Linux 6firefoxOut of support scope
Red Hat Enterprise Linux 6thunderbirdOut of support scope
Red Hat Enterprise Linux 7thunderbirdOut of support scope
Red Hat Enterprise Linux 10firefoxFixedRHSA-2025:2128113.11.2025
Red Hat Enterprise Linux 10thunderbirdFixedRHSA-2025:2184320.11.2025
Red Hat Enterprise Linux 10.0 Extended Update SupportfirefoxFixedRHSA-2025:2112012.11.2025
Red Hat Enterprise Linux 10.0 Extended Update SupportthunderbirdFixedRHSA-2025:2184420.11.2025
Red Hat Enterprise Linux 7 Extended Lifecycle SupportfirefoxFixedRHSA-2025:2237101.12.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-825
https://bugzilla.redhat.com/show_bug.cgi?id=2414080firefox: thunderbird: Use-after-free in the Audio/Video component

EPSS

Процентиль: 26%
0.00095
Низкий

6.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-13014

CVSS3: 8.8
ubuntu
5 месяцев назад

Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

nvd логотип

CVE-2025-13014

CVSS3: 8.8
nvd
5 месяцев назад

Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

debian логотип

CVE-2025-13014

CVSS3: 8.8
debian
5 месяцев назад

Use-after-free in the Audio/Video component. This vulnerability affect ...

github логотип

GHSA-8q64-5xmq-2f45

CVSS3: 8.8
github
5 месяцев назад

Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, and Firefox ESR < 115.30.

fstec логотип

BDU:2025-14550

CVSS3: 4.3
fstec
5 месяцев назад

Уязвимость компонента Audio/Video браузеров Mozilla Firefox и Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 26%
0.00095
Низкий

6.1 Medium

CVSS3