VDB
DEBIAN-CVE-2025-13012
DEBIAN-CVE-2025-13012
PUBLISHED
CVSS 7.5 HIGH
Race condition in the Graphics component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | firefox-esr | 140.3.0esr-1~deb13u1, 128.12.0, 128.12.0 |
| Debian:12 | firefox-esr | 102.15.1, 102.15.1, 102.15.1 |
| Debian:12 | thunderbird | *, 1:102.11.0-1, 1:102.12.0-1 |
| Debian:14 | firefox-esr | 0, *, 140.5.0 |
| Debian:11 | thunderbird | 0, *, * |
| Debian:13 | firefox-esr | 140.3.1, 140.3.1, 140.3.1 |
| Debian:14 | thunderbird | *, 1:132.0~b6-1, 1:130.0~b3-1 |
| Debian:13 | thunderbird | 140.4.0, 140.5.0, 140.5.0 |
Timeline
- Nov 11, 2025 CVE Published
- Apr 28, 2026 CVE Updated