PT-2025-46353 · Mozilla+9 · Firefox Esr+10

Masato Kinugawa

Publicado

2025-11-11

Atualizado

2026-02-02

CVE-2025-13013

CVSS v2.0

6.4

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 145 Firefox ESR versions prior to 140.5 Firefox ESR versions prior to 115.30

Description A mitigation bypass exists in the DOM: Core & HTML component. This issue could allow for bypassing security mitigations.

Recommendations Update Firefox to version 145 or later. Update Firefox ESR to version 140.5 or later. Update Firefox ESR to version 115.30 or later.

Correção

Protection Mechanism Failure

Authentication Bypass Using an Alternate Path or Channel

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-693CWE-288

Identificadores relacionados

ALSA-2025:21280

ALSA-2025:21281

ALSA-2025:21843

ALSA-2025:21881

ALSA-2025:22363

ALT-PU-2025-14358

ALT-PU-2025-14554

ALT-PU-2025-14878

BDU:2025-14552

CESA-2025_21881

CESA-2025_22363

CVE-2025-13013

DLA-4370-1

DLA-4372-1

DSA-6054-1

DSA-6059-1

INFSA-2025_21280

INFSA-2025_21842

INFSA-2025_21881

INFSA-2025_22363

MGASA-2025-0300

MGASA-2025-0305

OESA-2025-2770

OPENSUSE-SU-2025:15735-1

OPENSUSE-SU-2025:15738-1

OPENSUSE-SU-2025:20065-1

OPENSUSE-SU-2026:20002-1

RHSA-2025_21280

RHSA-2025_21842

RHSA-2025_21881

SUSE-SU-2025:21021-1

SUSE-SU-2025:4173-1

SUSE-SU-2025:4174-1

SUSE-SU-2025:4195-1

USN-7991-1

Produtos afetados

Alt Linux

Almalinux

Centos

Firefox

Firefox Esr

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2025-46353 · Mozilla+9 · Firefox Esr+10

CVE-2025-13013

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 255