Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

SUSE: MozillaFirefox Important Multiple Fixes for Security 2025:21021-1

suse
Calendar Grey November 26, 2025
Dist Suse Esm H88
A security update addresses important risks in Mozilla Firefox to ensure stable operation on SUSE.
* bsc#1249391 * bsc#1250452 * bsc#1251263 * bsc#1253188

Summary

## This update for MozillaFirefox fixes the following issues: Changes in MozillaFirefox: Firefox Extended Support Release 140.5.0 ESR: * Fixed: Various security fixes (MFSA 2025-88 bsc#1253188): * CVE-2025-13012 Race condition in the Graphics component * CVE-2025-13016 Incorrect boundary conditions in the JavaScript: WebAssembly component * CVE-2025-13017 Same-origin policy bypass in the DOM: Notifications component * CVE-2025-13018 Mitigation bypass in the DOM: Security component * CVE-2025-13019 Same-origin policy bypass in the DOM: Workers component * CVE-2025-13013 Mitigation bypass in the DOM: Core & HTML component * CVE-2025-13020 Use-after-free in the WebRTC: Audio/Video component * CVE-2025-13014 Use-after-free in the Audio/Video component * CVE-2025-13015 Spoofing issue in Firefox

References

* bsc#1249391

* bsc#1250452

* bsc#1251263

* bsc#1253188

Cross-

* CVE-2025-10527

* CVE-2025-10528

* CVE-2025-10529

* CVE-2025-10532

* CVE-2025-10533

* CVE-2025-10536

* CVE-2025-10537

* CVE-2025-11708

* CVE-2025-11709

* CVE-2025-11710

* CVE-2025-11711

* CVE-2025-11712

* CVE-2025-11713

* CVE-2025-11714

* CVE-2025-11715

* CVE-2025-13012

* CVE-2025-13013

* CVE-2025-13014

* CVE-2025-13015

* CVE-2025-13016

* CVE-2025-13017

* CVE-2025-13018

* CVE-2025-13019

* CVE-2025-13020

CVSS scores:

* CVE-2025-10527 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

* CVE-2025-10528 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2025-10529 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

* CVE-2025-10532 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:21021-1
Release Date: 2025-11-19T16:45:48Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here