Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
* firefox: Mitigation bypass in the DOM: Security component (CVE-2025-13018)
* firefox: Use-after-free in the Audio/Video component (CVE-2025-13014)
* firefox: Incorrect boundary conditions in the JavaScript: WebAssembly component (CVE-2025-13016)
* firefox: Same-origin policy bypass in the DOM: Workers component (CVE-2025-13019)
* firefox: Use-after-free in the WebRTC: Audio/Video component (CVE-2025-13020)
* firefox: Race condition in the Graphics component (CVE-2025-13012)
* firefox: Spoofing issue in Firefox (CVE-2025-13015)
* firefox: Mitigation bypass in the DOM: Core & HTML component (CVE-2025-13013)
* firefox: Same-origin policy bypass in the DOM: Notifications component (CVE-2025-13017)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
firefox-140.5.0-2.el10_1.aarch64.rpm |
a068784498e7a2af98a4028aa173967948fe04c27cfc38a238387dc9077a9f25 |
| ppc64le |
firefox-140.5.0-2.el10_1.ppc64le.rpm |
1bfd625a0fcaa79e933c2874f01362087e4e96b74dd492403dc6f16c1b8b178b |
| s390x |
firefox-140.5.0-2.el10_1.s390x.rpm |
1c178c17f38ad3971de3f5c4df7903ae4803cfbbd269f7a4eb86e15092123fd3 |
| x86_64 |
firefox-140.5.0-2.el10_1.x86_64.rpm |
d556fc9a2bcebc54ea2b457463686608be0b5bbdb3e35ec4e1519f1f8c452c41 |
| x86_64_v2 |
firefox-140.5.0-2.el10_1.x86_64_v2.rpm |
d605db38d6e5b044fdd63e9ead8a2ced0c0373cc92a68c8a02025dfff67035df |
