[Git][security-tracker-team/security-tracker][master] Track firefox issues fixed via unstable upload

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 12 08:20:21 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
327ea0ba by Salvatore Bonaccorso at 2025-11-12T09:19:48+01:00
Track firefox issues fixed via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -415,7 +415,7 @@ CVE-2025-20010 (Use of unmaintained third party components for some Intel(R) Pro
 CVE-2025-13032 (Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on  ...)
 	NOT-FOR-US: Avast/AVG Antivirus
 CVE-2025-13027 (Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13027
 CVE-2025-12953 (The Classified Listing \u2013 AI-Powered Classified ads & Business Dir ...)
 	NOT-FOR-US: WordPress plugin
@@ -466,37 +466,37 @@ CVE-2024-57695 (An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810)
 CVE-2017-20210 (Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerabi ...)
 	NOT-FOR-US: QNAP
 CVE-2025-13015 (Spoofing issue in Firefox. This vulnerability affects Firefox < 145, F ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13015
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13015
 CVE-2025-13014 (Use-after-free in the Audio/Video component. This vulnerability affect ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13014
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13014
 CVE-2025-13020 (Use-after-free in the WebRTC: Audio/Video component. This vulnerabilit ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13020
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13020
 CVE-2025-13013 (Mitigation bypass in the DOM: Core & HTML component. This vulnerabilit ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13013
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13013
 CVE-2025-13019 (Same-origin policy bypass in the DOM: Workers component. This vulnerab ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13019
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13019
 CVE-2025-13018 (Mitigation bypass in the DOM: Security component. This vulnerability a ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13018
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13018
 CVE-2025-13017 (Same-origin policy bypass in the DOM: Notifications component. This vu ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13017
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13017
@@ -504,29 +504,29 @@ CVE-2025-13026 (Sandbox escape due to incorrect boundary conditions in the Graph
 	- firefox <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13026
 CVE-2025-13025 (Incorrect boundary conditions in the Graphics: WebGPU component. This  ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13025
 CVE-2025-13024 (JIT miscompilation in the JavaScript Engine: JIT component. This vulne ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13024
 CVE-2025-13016 (Incorrect boundary conditions in the JavaScript: WebAssembly component ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13016
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13016
 CVE-2025-13023 (Sandbox escape due to incorrect boundary conditions in the Graphics: W ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13023
 CVE-2025-13012 (Race condition in the Graphics component. This vulnerability affects F ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13012
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13012
 CVE-2025-13022 (Incorrect boundary conditions in the Graphics: WebGPU component. This  ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13022
 CVE-2025-13021 (Incorrect boundary conditions in the Graphics: WebGPU component. This  ...)
-	- firefox <unfixed>
+	- firefox 145.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13021
 CVE-2025-9524 (The VAPIX API port.cgi did not have sufficient input validation, which ...)
 	NOT-FOR-US: Axis Communication



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/327ea0ba52eb10c1010c02fa460e0d33b57f16f1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/327ea0ba52eb10c1010c02fa460e0d33b57f16f1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251112/31a7a53a/attachment.htm>

More information about the debian-security-tracker-commits mailing list