CVE-2025-13012 Race condition in the Graphics component

🗓️ 11 Nov 2025 15:47:11Reported by mozillaType

Race condition in Graphics component affecting Firefox before 145 and ESR before 140.5 and 115.30.

Reporter	Title	Published	Views	Family All 371
ATTACKERKB	CVE-2025-13012	11 Nov 202515:47	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : firefox (ALAS2023-2025-1298)	9 Dec 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-3108 (ALAS-2025-3108)	5 Jan 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2025-047 (ALASFIREFOX-2025-047)	8 Dec 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : firefox (ALSA-2025:21280)	25 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 10 : firefox (ALSA-2025:21281)	25 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 10 : thunderbird (ALSA-2025:21843)	25 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : thunderbird (ALSA-2025:21881)	25 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : firefox (ALSA-2025:22363)	5 Dec 202500:00	–	nessus
Tenable Nessus	Debian dla-4370 : firefox-esr - security update	13 Nov 202500:00	–	nessus

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "unaffected",
        "version": "115.30",
        "lessThanOrEqual": "115.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "140.5",
        "lessThanOrEqual": "140.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "145",
        "lessThanOrEqual": "*",
        "versionType": "rpm"
      }
    ]
  },
  {
    "product": "Thunderbird",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "unaffected",
        "version": "140.5",
        "lessThanOrEqual": "140.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "145",
        "lessThanOrEqual": "*",
        "versionType": "rpm"
      }
    ]
  }
]

Source	Link
mozilla	www.mozilla.org/security/advisories/mfsa2025-87/
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
mozilla	www.mozilla.org/security/advisories/mfsa2025-91/
mozilla	www.mozilla.org/security/advisories/mfsa2025-89/
mozilla	www.mozilla.org/security/advisories/mfsa2025-90/
mozilla	www.mozilla.org/security/advisories/mfsa2025-88/

13 Apr 2026 14:26Current

EPSS0.00059