Vulnerability-Lookup

CVE-2025-11710 (GCVE-0-2025-11710)

Vulnerability from cvelistv5 – Published: 2025-10-14 12:27 – Updated: 2025-11-03 17:31

Title

Cross-process information leaked due to malicious IPC messages

Summary

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

mozilla

References

URL

cve-2025-11710

Vulnerability from osv_almalinux

Published

2025-10-15 00:00

Modified

2025-10-20 12:30

Summary

Important: firefox security update

Details

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "firefox"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-3.el10_0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18154",
  "modified": "2025-10-20T12:30:08Z",
  "published": "2025-10-15T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18154"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/10/ALSA-2025-18154.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: firefox security update"
}

cve-2025-11710

Vulnerability from osv_almalinux

Published

2025-10-20 00:00

Modified

2025-10-22 10:38

Summary

Important: thunderbird security update

Details

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "thunderbird"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-2.el9_6.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Thunderbird is a standalone mail and newsgroup client.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18321",
  "modified": "2025-10-22T10:38:17Z",
  "published": "2025-10-20T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18321"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2025-18321.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: thunderbird security update"
}

cve-2025-11710

Vulnerability from osv_almalinux

Published

2025-10-20 00:00

Modified

2025-10-20 11:50

Summary

Important: firefox security update

Details

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "firefox"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-3.el8_10.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18285",
  "modified": "2025-10-20T11:50:28Z",
  "published": "2025-10-20T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18285"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2025-18285.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: firefox security update"
}

cve-2025-11710

Vulnerability from osv_almalinux

Published

2025-10-20 00:00

Modified

2025-10-22 10:33

Summary

Important: thunderbird security update

Details

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:10",
        "name": "thunderbird"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-2.el10_0.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Thunderbird is a standalone mail and newsgroup client.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18320",
  "modified": "2025-10-22T10:33:35Z",
  "published": "2025-10-20T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18320"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/10/ALSA-2025-18320.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: thunderbird security update"
}

cve-2025-11710

Vulnerability from osv_almalinux

Published

2025-10-22 00:00

Modified

2025-10-27 08:16

Summary

Important: thunderbird security update

Details

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "thunderbird"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-2.el8_10.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Thunderbird is a standalone mail and newsgroup client.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18983",
  "modified": "2025-10-27T08:16:53Z",
  "published": "2025-10-22T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18983"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2025-18983.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: thunderbird security update"
}

cve-2025-11710

Vulnerability from osv_almalinux

Published

2025-10-15 00:00

Modified

2025-10-20 12:31

Summary

Important: firefox security update

Details

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "firefox"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-3.el9_6.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "firefox-x11"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.4.0-3.el9_6.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  \n\nSecurity Fix(es):  \n\n  * thunderbird: firefox: Memory safety bugs (CVE-2025-11714)\n  * thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)\n  * thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)\n  * thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)\n  * thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)\n  * thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)\n  * thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:18155",
  "modified": "2025-10-20T12:31:42Z",
  "published": "2025-10-15T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:18155"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11708"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11709"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11710"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11711"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11712"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11714"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-11715"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403763"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403765"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403768"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403769"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403770"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2403776"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2025-18155.html"
    }
  ],
  "related": [
    "CVE-2025-11714",
    "CVE-2025-11709",
    "CVE-2025-11710",
    "CVE-2025-11708",
    "CVE-2025-11712",
    "CVE-2025-11715",
    "CVE-2025-11711"
  ],
  "summary": "Important: firefox security update"
}

CERTFR-2025-AVI-0873

Vulnerability from certfr_avis - Published: 2025-10-15 - Updated: 2025-10-15

De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Mozilla	Firefox	Firefox versions antérieures à 144
Mozilla	Thunderbird	Thunderbird versions antérieures à 144
Mozilla	Firefox ESR	Firefox ESR versions antérieures à 115.29
Mozilla	Firefox ESR	Firefox ESR versions antérieures à 140.4
Mozilla	Thunderbird	Thunderbird versions antérieures à 140.4

References

Title

Publication Time

FKIE_CVE-2025-11710

Vulnerability from fkie_nvd - Published: 2025-10-14 13:15 - Updated: 2025-11-03 18:15

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@mozilla.org	https://bugzilla.mozilla.org/show_bug.cgi?id=1989899	Issue Tracking, Permissions Required
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-81/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-82/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-83/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-84/	Vendor Advisory
security@mozilla.org	https://www.mozilla.org/security/advisories/mfsa2025-85/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html

Impacted products

Vendor	Product	Version
mozilla	firefox	*
mozilla	firefox	*
mozilla	firefox	*
mozilla	thunderbird	*
mozilla	thunderbird	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
              "matchCriteriaId": "45205EB8-E615-4FE6-877C-231B4A29F86E",
              "versionEndExcluding": "115.29.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "CEE2F6DA-4331-4D6D-B01B-610DFDBE1833",
              "versionEndExcluding": "144.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
              "matchCriteriaId": "34B8F1CA-9F1A-4484-828E-4192CF1FEAFC",
              "versionEndExcluding": "140.4.0",
              "versionStartIncluding": "116.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C6D96D2-1E0E-4A18-B8B1-21F67E1AB441",
              "versionEndExcluding": "140.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD75942-93B9-47A4-9762-05965EBD7FFF",
              "versionEndExcluding": "144.0",
              "versionStartIncluding": "141.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox \u003c 144, Firefox ESR \u003c 115.29, Firefox ESR \u003c 140.4, Thunderbird \u003c 144, and Thunderbird \u003c 140.4."
    }
  ],
  "id": "CVE-2025-11710",
  "lastModified": "2025-11-03T18:15:47.870",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-10-14T13:15:37.203",
  "references": [
    {
      "source": "security@mozilla.org",
      "tags": [
        "Issue Tracking",
        "Permissions Required"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989899"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/"
    },
    {
      "source": "security@mozilla.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html"
    }
  ],
  "sourceIdentifier": "security@mozilla.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CNVD-2025-24630

Vulnerability from cnvd - Published: 2025-10-23

Title

多款Mozilla产品信息泄露漏洞（CNVD-2025-24630）

Description

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。Mozilla Firefox ESR是Firefox（Web浏览器）的一个延长支持版本。Mozilla Thunderbird是电子邮件客户端软件，支持IMAP、POP邮件协议以及HTML邮件格式。多款Mozilla产品存在信息泄露漏洞，攻击者可利用该漏洞获取敏感信息。

Severity

高

Patch Name

多款Mozilla产品信息泄露漏洞（CNVD-2025-24630）的补丁

Patch Description

Formal description

厂商已提供漏洞修复方案，请关注厂商主页更新： https://bugzilla.mozilla.org/show_bug.cgi?id=1989899

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1989899

Impacted products

Name
['Mozilla Firefox <144', 'Mozilla Firefox ESR <115.29', 'Mozilla Firefox ESR <140.4', 'Mozilla Thunderbird <144', 'Mozilla Thunderbird <140.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-11710",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-11710"
    }
  },
  "description": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002Mozilla Firefox ESR\u662fFirefox\uff08Web\u6d4f\u89c8\u5668\uff09\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002Mozilla Thunderbird\u662f\u7535\u5b50\u90ae\u4ef6\u5ba2\u6237\u7aef\u8f6f\u4ef6\uff0c\u652f\u6301IMAP\u3001POP\u90ae\u4ef6\u534f\u8bae\u4ee5\u53caHTML\u90ae\u4ef6\u683c\u5f0f\u3002 \n\n\u591a\u6b3eMozilla\u4ea7\u54c1\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "formalWay": "\u5382\u5546\u5df2\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1989899",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-24630",
  "openTime": "2025-10-23",
  "patchDescription": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002Mozilla Firefox ESR\u662fFirefox\uff08Web\u6d4f\u89c8\u5668\uff09\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002Mozilla Thunderbird\u662f\u7535\u5b50\u90ae\u4ef6\u5ba2\u6237\u7aef\u8f6f\u4ef6\uff0c\u652f\u6301IMAP\u3001POP\u90ae\u4ef6\u534f\u8bae\u4ee5\u53caHTML\u90ae\u4ef6\u683c\u5f0f\u3002 \r\n\r\n\u591a\u6b3eMozilla\u4ea7\u54c1\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eMozilla\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2025-24630\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mozilla Firefox \u003c144",
      "Mozilla Firefox ESR \u003c115.29",
      "Mozilla Firefox ESR \u003c140.4",
      "Mozilla Thunderbird \u003c144",
      "Mozilla Thunderbird \u003c140.4"
    ]
  },
  "referenceLink": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989899",
  "serverity": "\u9ad8",
  "submitTime": "2025-10-17",
  "title": "\u591a\u6b3eMozilla\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2025-24630\uff09"
}

GHSA-FF52-484Q-63R5

Vulnerability from github – Published: 2025-10-14 15:31 – Updated: 2025-11-03 18:31

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-11710"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-14T13:15:37Z",
    "severity": "CRITICAL"
  },
  "details": "A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox \u003c 144, Firefox ESR \u003c 115.29, Firefox ESR \u003c 140.4, Thunderbird \u003c 144, and Thunderbird \u003c 140.4.",
  "id": "GHSA-ff52-484q-63r5",
  "modified": "2025-11-03T18:31:46Z",
  "published": "2025-10-14T15:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11710"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989899"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-81"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-82"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-83"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-84"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-85"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-11710 (GCVE-0-2025-11710)

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Solutions

Tags

Sightings

Nomenclature