CNNVD-202511-1174 Information

Nov 11, 2025 cve

CNNVD ID

CNNVD-202511-1174

CVE-2025-13018

CNNVD Published: 2025-11-11

Description (Chinese)

Mozilla Firefox和Mozilla Firefox ESR都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。 Mozilla Firefox 145之前版本和Mozilla Firefox ESR 140.5之前版本存在安全漏洞，该漏洞源于DOM安全组件存在缓解绕过问题。

Description (English)

Mozilla Firefox and Mozilla Firefox ESR are products of the Mozilla Foundation in the United States. Mozilla Firefox is an open-source Web browser. Mozilla Firefox ESR is an extended support version of Firefox (Web Browser). Pre-Mozilla Firefox 145 and pre-Mozilla Firefox ESR 1405 had a security loophole, which stemmed from the mitigation bypass of the DOM security component.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mozilla

Published

2025-11-11

Last Modified

2026-02-24

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1984940 https://www.mozilla.org/security/advisories/mfsa2025-87/ https://www.mozilla.org/security/advisories/mfsa2025-88/ https://www.mozilla.org/security/advisories/mfsa2025-90/ https://www.mozilla.org/security/advisories/mfsa2025-91/ https://access.redhat.com/security/cve/cve-2025-13018

Patch

https://www.firefox.com/

Share on: