Mozilla Foundation Security Advisory 2025-89

Security Vulnerabilities fixed in Firefox ESR 115.30

Announced

November 11, 2025

Impact

high

Products

Firefox ESR

Fixed in

Firefox ESR 115.30

#CVE-2025-13012: Race condition in the Graphics component

Reporter: Irvan Kurniawan
Impact: high

References

Bug 1991458

#CVE-2025-13013: Mitigation bypass in the DOM: Core & HTML component

Reporter: Masato Kinugawa
Impact: moderate

References

Bug 1991945

#CVE-2025-13014: Use-after-free in the Audio/Video component

Reporter: Andrew Osmond
Impact: moderate

References

Bug 1994241

#CVE-2025-13015: Spoofing issue in Firefox

Reporter: Eemeli Aro
Impact: low

References

Bug 1994164

Mozilla VPN

Mozilla Monitor

Firefox Relay

MDN Plus

Thunderbird

About Mozilla

The Mozilla Manifesto

Get Involved

Blog

Mozilla Foundation

Mozilla.ai

Mozilla Ventures

Mozilla Advertising

Mozilla Builders

Mozilla New Products

Mozilla Foundation Security Advisory 2025-89

Security Vulnerabilities fixed in Firefox ESR 115.30

#CVE-2025-13012: Race condition in the Graphics component

References

#CVE-2025-13013: Mitigation bypass in the DOM: Core & HTML component

References

#CVE-2025-13014: Use-after-free in the Audio/Video component

References

#CVE-2025-13015: Spoofing issue in Firefox

References