PT-2025-46354 · Mozilla+9 · Firefox Esr+10

Andrew Osmond

·

Publicado

2025-11-11

·

Atualizado

2026-02-02

·

CVE-2025-13014

CVSS v3.1

8.8

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 145 Firefox ESR versions prior to 140.5 Firefox ESR versions prior to 115.30
Description A use-after-free issue exists in the Audio/Video component.
Recommendations Update Firefox to version 145 or later. Update Firefox ESR to version 140.5 or later. Update Firefox ESR to version 115.30 or later.

Correção

DoS

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALSA-2025:21280
ALSA-2025:21281
ALSA-2025:21843
ALSA-2025:21881
ALSA-2025:22363
ALT-PU-2025-14358
ALT-PU-2025-14554
ALT-PU-2025-14878
BDU:2025-14550
CESA-2025_21881
CESA-2025_22363
CVE-2025-13014
DLA-4370-1
DLA-4372-1
DSA-6054-1
DSA-6059-1
INFSA-2025_21280
INFSA-2025_21842
INFSA-2025_21881
INFSA-2025_22363
MGASA-2025-0300
MGASA-2025-0305
OESA-2025-2770
OPENSUSE-SU-2025:15735-1
OPENSUSE-SU-2025:15738-1
OPENSUSE-SU-2025:20065-1
OPENSUSE-SU-2026:20002-1
RHSA-2025_21280
RHSA-2025_21842
RHSA-2025_21881
SUSE-SU-2025:21021-1
SUSE-SU-2025:4173-1
SUSE-SU-2025:4174-1
SUSE-SU-2025:4195-1
USN-7991-1

Produtos afetados

Alt Linux
Almalinux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu