Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 448
Alerts This Week
Warning Icon 1 448

SUSE: MozillaFirefox Important Update 2026:20031-1 CVE-2025-14321

suse
Calendar Grey January 15, 2026
Dist Suse Esm H88
Update for MozillaFirefox addresses 10 important issues, including privilege escalations and JIT miscompilation fixes.
An update that solves 10 vulnerabilities can now be installed.

Summary

## This update for MozillaFirefox fixes the following issues: Changes in MozillaFirefox: Firefox Extended Support Release 140.6.0 ESR was released: * Fixed: Various security fixes. MFSA 2025-94 (bsc#1254551): * CVE-2025-14321: Use-after-free in the WebRTC: Signaling component * CVE-2025-14322: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component * CVE-2025-14323: Privilege escalation in the DOM: Notifications component * CVE-2025-14324: JIT miscompilation in the JavaScript Engine: JIT component * CVE-2025-14325: JIT miscompilation in the JavaScript Engine: JIT component * CVE-2025-14328: Privilege escalation in the Netmonitor component * CVE-2025-14329: Privilege escalation in the Netmonitor component

References

* bsc#1254551

Cross-

* CVE-2025-14321

* CVE-2025-14322

* CVE-2025-14323

* CVE-2025-14324

* CVE-2025-14325

* CVE-2025-14328

* CVE-2025-14329

* CVE-2025-14330

* CVE-2025-14331

* CVE-2025-14333

CVSS scores:

* CVE-2025-14321 ( SUSE ): 8.6

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-14321 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-14321 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-14321 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-14322 ( SUSE ): 8.6

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-14322 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-14322 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:20031-1
Release Date: 2026-01-12T11:35:13Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.