DEBIAN-CVE-2025-9179

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2025-9179
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2025-9179
Upstream
Downstream
Published
2025-08-19T21:15:30.247Z
Modified
2026-04-14T05:04:51.274790Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2.

References

Affected packages

Debian:11
firefox-esr

Package

Name
firefox-esr
Purl
pkg:deb/debian/firefox-esr?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
128.14.0esr-1~deb11u1

Affected versions

78.*
78.12.0esr-1
78.13.0esr-1~deb9u1
78.13.0esr-1~deb10u1
78.13.0esr-1~deb11u1
78.13.0esr-1
78.14.0esr-1~deb9u1
78.14.0esr-1~deb10u1
78.14.0esr-1~deb11u1
78.14.0esr-1
78.15.0esr-1~deb9u1
78.15.0esr-1~deb10u1
78.15.0esr-1~deb11u1
91.*
91.0esr-1
91.0.1esr-1
91.1.0esr-1
91.2.0esr-1
91.3.0esr-1
91.3.0esr-2
91.4.0esr-1
91.4.1esr-1~deb9u1
91.4.1esr-1~deb11u1
91.5.0esr-1~deb9u1
91.5.0esr-1~deb10u1
91.5.0esr-1~deb11u1
91.5.0esr-1
91.5.1esr-1
91.6.0esr-1~deb9u1
91.6.0esr-1~deb10u1
91.6.0esr-1~deb11u1
91.6.0esr-1
91.6.1esr-1~deb9u1
91.6.1esr-1~deb10u1
91.6.1esr-1~deb11u1
91.6.1esr-1
91.7.0esr-1~deb9u1
91.7.0esr-1~deb10u1
91.7.0esr-1~deb11u1
91.7.0esr-1
91.8.0esr-1~deb9u1
91.8.0esr-1~deb10u1
91.8.0esr-1~deb11u1
91.8.0esr-1
91.9.0esr-1~deb9u1
91.9.0esr-1~deb10u1
91.9.0esr-1~deb11u1
91.9.0esr-1
91.9.1esr-1~deb9u1
91.9.1esr-1~deb10u1
91.9.1esr-1~deb11u1
91.9.1esr-1
91.10.0esr-1~deb9u1
91.10.0esr-1~deb10u1
91.10.0esr-1~deb11u1
91.10.0esr-1
91.11.0esr-1~deb9u1
91.11.0esr-1~deb10u1
91.11.0esr-1~deb11u1
91.11.0esr-1
91.12.0esr-1~deb10u1
91.12.0esr-1~deb11u1
91.12.0esr-1
91.13.0esr-1~deb10u1
91.13.0esr-1~deb11u1
102.*
102.1.0esr-1
102.1.0esr-2
102.2.0esr-1
102.3.0esr-1~deb10u1
102.3.0esr-1~deb10u2
102.3.0esr-1~deb11u1
102.3.0esr-1
102.4.0esr-1~deb10u1
102.4.0esr-1~deb11u1
102.4.0esr-1
102.5.0esr-1~deb10u1
102.5.0esr-1~deb11u1
102.5.0esr-1
102.6.0esr-1~deb10u1
102.6.0esr-1~deb11u1
102.6.0esr-1
102.7.0esr-1~deb10u1
102.7.0esr-1~deb11u1
102.7.0esr-1
102.8.0esr-1~deb10u1
102.8.0esr-1~deb11u1
102.8.0esr-1
102.9.0esr-1~deb10u1
102.9.0esr-1~deb11u1
102.9.0esr-1
102.9.0esr-2
102.10.0esr-1~deb10u1
102.10.0esr-1~deb11u1
102.10.0esr-1
102.11.0esr-1~deb10u1
102.11.0esr-1~deb11u1
102.11.0esr-1
102.12.0esr-1~deb10u1
102.12.0esr-1~deb11u1
102.12.0esr-1~deb12u1
102.12.0esr-1
102.13.0esr-1~deb10u1
102.13.0esr-1~deb11u1
102.13.0esr-1~deb12u1
102.13.0esr-1
102.14.0esr-1~deb10u1
102.14.0esr-1~deb11u1
102.14.0esr-1~deb12u1
102.15.0esr-1~deb10u1
102.15.0esr-1~deb11u1
102.15.0esr-1~deb12u1
102.15.1esr-1~deb10u1
102.15.1esr-1~deb11u1
102.15.1esr-1~deb12u1
115.*
115.0.2esr-1
115.1.0esr-1
115.2.0esr-1
115.2.1esr-1
115.3.0esr-1~deb10u1
115.3.0esr-1~deb11u1
115.3.0esr-1~deb12u1
115.3.0esr-1
115.3.1esr-1~deb10u1
115.3.1esr-1~deb11u1
115.4.0esr-1~deb10u1
115.4.0esr-1~deb11u1
115.4.0esr-1~deb12u1
115.4.0esr-1
115.5.0esr-1~deb10u1
115.5.0esr-1~deb11u1
115.5.0esr-1~deb12u1
115.5.0esr-1
115.6.0esr-1~deb10u1
115.6.0esr-1~deb11u1
115.6.0esr-1~deb12u1
115.6.0esr-1
115.7.0esr-1~deb10u1
115.7.0esr-1~deb11u1
115.7.0esr-1~deb12u1
115.7.0esr-1
115.8.0esr-1~deb10u1
115.8.0esr-1~deb11u1
115.8.0esr-1~deb12u1
115.8.0esr-1
115.9.0esr-1~deb11u1
115.9.0esr-1~deb12u1
115.9.0esr-1
115.9.0esr-2
115.9.1esr-1~deb10u1
115.9.1esr-1~deb11u1
115.9.1esr-1~deb12u1
115.9.1esr-1
115.10.0esr-1~deb10u1
115.10.0esr-1~deb11u1
115.10.0esr-1~deb12u1
115.10.0esr-1
115.11.0esr-1~deb10u1
115.11.0esr-1~deb11u1
115.11.0esr-1~deb12u1
115.11.0esr-1
115.12.0esr-1~deb10u1
115.12.0esr-1~deb11u1
115.12.0esr-1~deb12u1
115.12.0esr-1
115.13.0esr-1~deb11u1
115.13.0esr-1~deb12u1
115.13.0esr-1
115.13.0esr-2
115.14.0esr-1~deb11u1
115.14.0esr-1~deb12u1
115.14.0esr-1
115.15.0esr-1~deb11u1
115.15.0esr-1~deb12u1
115.15.0esr-1
128.*
128.3.0esr-1~deb11u1
128.3.0esr-1~deb11u2
128.3.0esr-1~deb12u1
128.3.0esr-1
128.3.0esr-2
128.3.1esr-1~deb11u1
128.3.1esr-1~deb12u1
128.3.1esr-1
128.3.1esr-2
128.4.0esr-1~deb11u1
128.4.0esr-1~deb12u1
128.4.0esr-1
128.5.0esr-1~deb11u1
128.5.0esr-1~deb12u1
128.5.0esr-1
128.5.1esr-1
128.6.0esr-1~deb11u1
128.6.0esr-1~deb11u2
128.6.0esr-1~deb11u3
128.6.0esr-1~deb12u1
128.6.0esr-1
128.6.0esr-2
128.6.0esr-3
128.6.0esr-4
128.7.0esr-1~deb11u1
128.7.0esr-1~deb12u1
128.7.0esr-1
128.8.0esr-1~deb11u1
128.8.0esr-1~deb12u1
128.8.0esr-1
128.9.0esr-1~deb11u1
128.9.0esr-1~deb12u1
128.9.0esr-1
128.9.0esr-2
128.10.0esr-1~deb12u1
128.10.0esr-1
128.10.1esr-1~deb11u1
128.10.1esr-1~deb12u1
128.10.1esr-1
128.11.0esr-1~deb11u1
128.11.0esr-1~deb12u1
128.11.0esr-1
128.12.0esr-1~deb11u1
128.12.0esr-1~deb12u1
128.12.0esr-1
128.13.0esr-1~deb11u1
128.13.0esr-1~deb12u1
128.13.0esr-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json"
thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:128.14.0esr-1~deb11u1

Affected versions

1:78.*
1:78.12.0-1
1:78.13.0-1~deb9u1
1:78.13.0-1~deb10u1
1:78.13.0-1~deb11u1
1:78.13.0-1
1:78.14.0-1~deb9u1
1:78.14.0-1~deb10u1
1:78.14.0-1~deb11u1
1:78.14.0-1
1:84.*
1:84.0~b3-1
1:85.*
1:85.0~b3-1
1:86.*
1:86.0~b3-1
1:88.*
1:88.0~b2-1
1:89.*
1:89.0~b2-1
1:90.*
1:90.0~b2-1
1:91.*
1:91.0~b1-1
1:91.0~b3-1
1:91.0~b5-1
1:91.0-1
1:91.0.2-1
1:91.1.0-1
1:91.1.1-1
1:91.2.0-1
1:91.2.1-1
1:91.3.0-1
1:91.3.2-1
1:91.4.0-1
1:91.4.1-1~deb9u1
1:91.4.1-1~deb10u1
1:91.4.1-1~deb11u1
1:91.4.1-1
1:91.5.0-1~deb9u1
1:91.5.0-1
1:91.5.0-2~deb10u1
1:91.5.0-2~deb11u1
1:91.5.0-2
1:91.5.1-1
1:91.6.0-1~deb9u1
1:91.6.0-1~deb10u1
1:91.6.0-1~deb11u1
1:91.6.0-1
1:91.6.1-1~deb9u1
1:91.6.1-1~deb10u1
1:91.6.1-1~deb11u1
1:91.6.1-1
1:91.6.2-1~deb9u1
1:91.6.2-1~deb10u1
1:91.6.2-1~deb11u1
1:91.6.2-1
1:91.7.0-1
1:91.7.0-2~deb9u1
1:91.7.0-2~deb10u1
1:91.7.0-2~deb11u1
1:91.7.0-2
1:91.8.0-1~deb9u1
1:91.8.0-1~deb10u1
1:91.8.0-1~deb11u1
1:91.8.0-1
1:91.8.1-1
1:91.9.0-1~deb9u1
1:91.9.0-1~deb10u1
1:91.9.0-1~deb11u1
1:91.9.0-1
1:91.10.0-1~deb9u1
1:91.10.0-1~deb10u1
1:91.10.0-1~deb11u1
1:91.10.0-1
1:91.11.0-1~deb10u1
1:91.11.0-1~deb11u1
1:91.11.0-1
1:91.12.0-1~deb10u1
1:91.12.0-1~deb11u1
1:91.13.0-1~deb10u1
1:91.13.0-1~deb11u1
1:102.*
1:102.0~b4-1
1:102.0~b7-1
1:102.0.1-1
1:102.0.2-1
1:102.1.0-1
1:102.1.1-1
1:102.1.2-1
1:102.2.0-1
1:102.2.1-1
1:102.2.2-1
1:102.3.0-1~deb10u1
1:102.3.0-1~deb11u1
1:102.3.0-1
1:102.3.1-1
1:102.3.2-1
1:102.3.3-1
1:102.4.0-1~deb10u1
1:102.4.0-1~deb11u1
1:102.4.0-1
1:102.4.1-1
1:102.5.0-1~deb10u1
1:102.5.0-1~deb11u1
1:102.5.0-1
1:102.5.1-1
1:102.6.0-1~deb10u1
1:102.6.0-1~deb11u1
1:102.6.0-1
1:102.7.1-1
1:102.7.1+1-1
1:102.7.2-1
1:102.8.0-1~deb10u1
1:102.8.0-1~deb11u1
1:102.8.0-1
1:102.9.0-1~deb10u1
1:102.9.0-1~deb11u1
1:102.9.0-1
1:102.9.1-1
1:102.10.0-1~deb10u1
1:102.10.0-1~deb11u1
1:102.10.0-1
1:102.11.0-1~deb10u1
1:102.11.0-1~deb11u1
1:102.11.0-1
1:102.12.0-1~deb10u1
1:102.12.0-1~deb11u1
1:102.12.0-1~deb12u1
1:102.12.0-1
1:102.13.0-1~deb10u1
1:102.13.0-1~deb11u1
1:102.13.0-1~deb12u1
1:102.13.0-1
1:102.13.1-1~deb10u1
1:102.13.1-1~deb11u1
1:102.13.1-1~deb12u1
1:102.13.1-1
1:102.14.0-1~deb10u1
1:102.14.0-1~deb11u1
1:102.14.0-1~deb12u1
1:102.15.0-1~deb10u1
1:102.15.0-1~deb11u1
1:102.15.0-1~deb12u1
1:102.15.1-1~deb10u1
1:102.15.1-1~deb11u1
1:102.15.1-1~deb12u1
1:103.*
1:103.0~b5-1
1:104.*
1:104.0~b2-1
1:110.*
1:110.0~b4-1
1:112.*
1:112.0~b1-1
1:113.*
1:113.0~b3-1
1:114.*
1:114.0~b2-1
1:115.*
1:115.0~b4-1
1:115.0~b6-1
1:115.0-1
1:115.0.1-1
1:115.0.1-2
1:115.1.0-1
1:115.1.1-1
1:115.2.0-1
1:115.2.2-1
1:115.3.0-1~deb12u1
1:115.3.0-1
1:115.3.1-1~deb10u1
1:115.3.1-1~deb11u1
1:115.3.1-1~deb12u1
1:115.3.1-1
1:115.4.1-1~deb10u1
1:115.4.1-1~deb11u1
1:115.4.1-1~deb12u1
1:115.4.1-1
1:115.5.0-1~deb10u1
1:115.5.0-1~deb11u1
1:115.5.0-1~deb12u1
1:115.5.0-1
1:115.5.1-1
1:115.5.2-1
1:115.6.0-1~deb10u1
1:115.6.0-1~deb11u1
1:115.6.0-1~deb12u1
1:115.6.0-1
1:115.7.0-1~deb10u1
1:115.7.0-1~deb11u1
1:115.7.0-1~deb12u1
1:115.7.0-1
1:115.8.0-1~deb10u1
1:115.8.0-1~deb11u1
1:115.8.0-1~deb12u1
1:115.8.0-1
1:115.8.1-1
1:115.9.0-1~deb10u1
1:115.9.0-1~deb11u1
1:115.9.0-1~deb12u1
1:115.9.0-1
1:115.10.1-1~deb10u1
1:115.10.1-1~deb11u1
1:115.10.1-1~deb12u1
1:115.10.1-1
1:115.11.0-1~deb10u1
1:115.11.0-1~deb11u1
1:115.11.0-1~deb12u1
1:115.11.0-1
1:115.12.0-1~deb10u1
1:115.12.0-1~deb11u1
1:115.12.0-1~deb12u1
1:115.12.0-1
1:115.13.0-1~deb11u1
1:115.13.0-1~deb12u1
1:115.13.0-1
1:115.14.0-1~deb11u1
1:115.14.0-1~deb12u1
1:115.15.0-1~deb11u1
1:115.15.0-1~deb12u1
1:115.16.0esr-1~deb11u1
1:115.16.0esr-1~deb12u1
1:116.*
1:116.0~b7-1
1:117.*
1:117.0~b5-1
1:120.*
1:120.0~b1-1
1:121.*
1:121.0~b3-1
1:122.*
1:122.0~b2-1
1:124.*
1:124.0~b5-1
1:125.*
1:125.0~b3-1
1:127.*
1:127.0~b5-1
1:128.*
1:128.0~b5-1
1:128.0esr-1
1:128.1.0esr-1
1:128.1.1esr-1
1:128.2.0esr-1
1:128.2.1esr-1
1:128.2.3esr-1
1:128.3.0esr-1
1:128.3.2esr-1
1:128.4.0esr-1~deb11u1
1:128.4.0esr-1~deb12u1
1:128.4.0esr-1
1:128.4.2esr-1
1:128.4.3esr-1~deb11u1
1:128.4.3esr-1~deb12u1
1:128.4.3esr-1
1:128.5.0esr-1~deb11u1
1:128.5.0esr-1~deb12u1
1:128.5.0esr-1
1:128.5.2esr-1
1:128.6.0esr-1~deb11u1
1:128.6.0esr-1~deb12u1
1:128.6.0esr-1
1:128.7.0esr-1~deb11u1
1:128.7.0esr-1~deb12u1
1:128.7.0esr-1
1:128.8.0esr-1~deb11u1
1:128.8.0esr-1~deb12u1
1:128.8.0esr-1
1:128.9.0esr-1~deb11u1
1:128.9.0esr-1~deb12u1
1:128.9.0esr-1
1:128.10.0esr-1~deb11u1
1:128.10.0esr-1~deb12u1
1:128.10.0esr-1
1:128.10.1esr-1~deb11u1
1:128.10.1esr-1~deb12u1
1:128.10.1esr-1
1:128.11.0esr-1~deb11u1
1:128.11.0esr-1~deb12u1
1:128.11.0esr-1
1:128.12.0esr-1~deb11u1
1:128.12.0esr-1~deb12u1
1:128.12.0esr-1
1:128.13.0esr-1~deb11u1
1:128.13.0esr-1~deb12u1
1:128.13.0esr-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json"
Debian:12
firefox-esr

Package

Name
firefox-esr
Purl
pkg:deb/debian/firefox-esr?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
128.14.0esr-1~deb12u1

Affected versions

102.*
102.11.0esr-1
102.12.0esr-1~deb10u1
102.12.0esr-1~deb11u1
102.12.0esr-1~deb12u1
102.12.0esr-1
102.13.0esr-1~deb10u1
102.13.0esr-1~deb11u1
102.13.0esr-1~deb12u1
102.13.0esr-1
102.14.0esr-1~deb10u1
102.14.0esr-1~deb11u1
102.14.0esr-1~deb12u1
102.15.0esr-1~deb10u1
102.15.0esr-1~deb11u1
102.15.0esr-1~deb12u1
102.15.1esr-1~deb10u1
102.15.1esr-1~deb11u1
102.15.1esr-1~deb12u1
115.*
115.0.2esr-1
115.1.0esr-1
115.2.0esr-1
115.2.1esr-1
115.3.0esr-1~deb10u1
115.3.0esr-1~deb11u1
115.3.0esr-1~deb12u1
115.3.0esr-1
115.3.1esr-1~deb10u1
115.3.1esr-1~deb11u1
115.4.0esr-1~deb10u1
115.4.0esr-1~deb11u1
115.4.0esr-1~deb12u1
115.4.0esr-1
115.5.0esr-1~deb10u1
115.5.0esr-1~deb11u1
115.5.0esr-1~deb12u1
115.5.0esr-1
115.6.0esr-1~deb10u1
115.6.0esr-1~deb11u1
115.6.0esr-1~deb12u1
115.6.0esr-1
115.7.0esr-1~deb10u1
115.7.0esr-1~deb11u1
115.7.0esr-1~deb12u1
115.7.0esr-1
115.8.0esr-1~deb10u1
115.8.0esr-1~deb11u1
115.8.0esr-1~deb12u1
115.8.0esr-1
115.9.0esr-1~deb11u1
115.9.0esr-1~deb12u1
115.9.0esr-1
115.9.0esr-2
115.9.1esr-1~deb10u1
115.9.1esr-1~deb11u1
115.9.1esr-1~deb12u1
115.9.1esr-1
115.10.0esr-1~deb10u1
115.10.0esr-1~deb11u1
115.10.0esr-1~deb12u1
115.10.0esr-1
115.11.0esr-1~deb10u1
115.11.0esr-1~deb11u1
115.11.0esr-1~deb12u1
115.11.0esr-1
115.12.0esr-1~deb10u1
115.12.0esr-1~deb11u1
115.12.0esr-1~deb12u1
115.12.0esr-1
115.13.0esr-1~deb11u1
115.13.0esr-1~deb12u1
115.13.0esr-1
115.13.0esr-2
115.14.0esr-1~deb11u1
115.14.0esr-1~deb12u1
115.14.0esr-1
115.15.0esr-1~deb11u1
115.15.0esr-1~deb12u1
115.15.0esr-1
128.*
128.3.0esr-1~deb11u1
128.3.0esr-1~deb11u2
128.3.0esr-1~deb12u1
128.3.0esr-1
128.3.0esr-2
128.3.1esr-1~deb11u1
128.3.1esr-1~deb12u1
128.3.1esr-1
128.3.1esr-2
128.4.0esr-1~deb11u1
128.4.0esr-1~deb12u1
128.4.0esr-1
128.5.0esr-1~deb11u1
128.5.0esr-1~deb12u1
128.5.0esr-1
128.5.1esr-1
128.6.0esr-1~deb11u1
128.6.0esr-1~deb11u2
128.6.0esr-1~deb11u3
128.6.0esr-1~deb12u1
128.6.0esr-1
128.6.0esr-2
128.6.0esr-3
128.6.0esr-4
128.7.0esr-1~deb11u1
128.7.0esr-1~deb12u1
128.7.0esr-1
128.8.0esr-1~deb11u1
128.8.0esr-1~deb12u1
128.8.0esr-1
128.9.0esr-1~deb11u1
128.9.0esr-1~deb12u1
128.9.0esr-1
128.9.0esr-2
128.10.0esr-1~deb12u1
128.10.0esr-1
128.10.1esr-1~deb11u1
128.10.1esr-1~deb12u1
128.10.1esr-1
128.11.0esr-1~deb11u1
128.11.0esr-1~deb12u1
128.11.0esr-1
128.12.0esr-1~deb11u1
128.12.0esr-1~deb12u1
128.12.0esr-1
128.13.0esr-1~deb11u1
128.13.0esr-1~deb12u1
128.13.0esr-1
128.14.0esr-1~deb11u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json"
thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:128.14.0esr-1~deb12u1

Affected versions

1:102.*
1:102.11.0-1
1:102.12.0-1~deb10u1
1:102.12.0-1~deb11u1
1:102.12.0-1~deb12u1
1:102.12.0-1
1:102.13.0-1~deb10u1
1:102.13.0-1~deb11u1
1:102.13.0-1~deb12u1
1:102.13.0-1
1:102.13.1-1~deb10u1
1:102.13.1-1~deb11u1
1:102.13.1-1~deb12u1
1:102.13.1-1
1:102.14.0-1~deb10u1
1:102.14.0-1~deb11u1
1:102.14.0-1~deb12u1
1:102.15.0-1~deb10u1
1:102.15.0-1~deb11u1
1:102.15.0-1~deb12u1
1:102.15.1-1~deb10u1
1:102.15.1-1~deb11u1
1:102.15.1-1~deb12u1
1:103.*
1:103.0~b5-1
1:104.*
1:104.0~b2-1
1:110.*
1:110.0~b4-1
1:112.*
1:112.0~b1-1
1:113.*
1:113.0~b3-1
1:114.*
1:114.0~b2-1
1:115.*
1:115.0~b4-1
1:115.0~b6-1
1:115.0-1
1:115.0.1-1
1:115.0.1-2
1:115.1.0-1
1:115.1.1-1
1:115.2.0-1
1:115.2.2-1
1:115.3.0-1~deb12u1
1:115.3.0-1
1:115.3.1-1~deb10u1
1:115.3.1-1~deb11u1
1:115.3.1-1~deb12u1
1:115.3.1-1
1:115.4.1-1~deb10u1
1:115.4.1-1~deb11u1
1:115.4.1-1~deb12u1
1:115.4.1-1
1:115.5.0-1~deb10u1
1:115.5.0-1~deb11u1
1:115.5.0-1~deb12u1
1:115.5.0-1
1:115.5.1-1
1:115.5.2-1
1:115.6.0-1~deb10u1
1:115.6.0-1~deb11u1
1:115.6.0-1~deb12u1
1:115.6.0-1
1:115.7.0-1~deb10u1
1:115.7.0-1~deb11u1
1:115.7.0-1~deb12u1
1:115.7.0-1
1:115.8.0-1~deb10u1
1:115.8.0-1~deb11u1
1:115.8.0-1~deb12u1
1:115.8.0-1
1:115.8.1-1
1:115.9.0-1~deb10u1
1:115.9.0-1~deb11u1
1:115.9.0-1~deb12u1
1:115.9.0-1
1:115.10.1-1~deb10u1
1:115.10.1-1~deb11u1
1:115.10.1-1~deb12u1
1:115.10.1-1
1:115.11.0-1~deb10u1
1:115.11.0-1~deb11u1
1:115.11.0-1~deb12u1
1:115.11.0-1
1:115.12.0-1~deb10u1
1:115.12.0-1~deb11u1
1:115.12.0-1~deb12u1
1:115.12.0-1
1:115.13.0-1~deb11u1
1:115.13.0-1~deb12u1
1:115.13.0-1
1:115.14.0-1~deb11u1
1:115.14.0-1~deb12u1
1:115.15.0-1~deb11u1
1:115.15.0-1~deb12u1
1:115.16.0esr-1~deb11u1
1:115.16.0esr-1~deb12u1
1:116.*
1:116.0~b7-1
1:117.*
1:117.0~b5-1
1:120.*
1:120.0~b1-1
1:121.*
1:121.0~b3-1
1:122.*
1:122.0~b2-1
1:124.*
1:124.0~b5-1
1:125.*
1:125.0~b3-1
1:127.*
1:127.0~b5-1
1:128.*
1:128.0~b5-1
1:128.0esr-1
1:128.1.0esr-1
1:128.1.1esr-1
1:128.2.0esr-1
1:128.2.1esr-1
1:128.2.3esr-1
1:128.3.0esr-1
1:128.3.2esr-1
1:128.4.0esr-1~deb11u1
1:128.4.0esr-1~deb12u1
1:128.4.0esr-1
1:128.4.2esr-1
1:128.4.3esr-1~deb11u1
1:128.4.3esr-1~deb12u1
1:128.4.3esr-1
1:128.5.0esr-1~deb11u1
1:128.5.0esr-1~deb12u1
1:128.5.0esr-1
1:128.5.2esr-1
1:128.6.0esr-1~deb11u1
1:128.6.0esr-1~deb12u1
1:128.6.0esr-1
1:128.7.0esr-1~deb11u1
1:128.7.0esr-1~deb12u1
1:128.7.0esr-1
1:128.8.0esr-1~deb11u1
1:128.8.0esr-1~deb12u1
1:128.8.0esr-1
1:128.9.0esr-1~deb11u1
1:128.9.0esr-1~deb12u1
1:128.9.0esr-1
1:128.10.0esr-1~deb11u1
1:128.10.0esr-1~deb12u1
1:128.10.0esr-1
1:128.10.1esr-1~deb11u1
1:128.10.1esr-1~deb12u1
1:128.10.1esr-1
1:128.11.0esr-1~deb11u1
1:128.11.0esr-1~deb12u1
1:128.11.0esr-1
1:128.12.0esr-1~deb11u1
1:128.12.0esr-1~deb12u1
1:128.12.0esr-1
1:128.13.0esr-1~deb11u1
1:128.13.0esr-1~deb12u1
1:128.13.0esr-1
1:128.14.0esr-1~deb11u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json"
Debian:13
firefox-esr

Package

Name
firefox-esr
Purl
pkg:deb/debian/firefox-esr?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
128.14.0esr-1~deb13u1

Affected versions

128.*
128.13.0esr-1
128.14.0esr-1~deb11u1
128.14.0esr-1~deb12u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json"
thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:128.14.0esr-1~deb13u1

Affected versions

1:128.*
1:128.13.0esr-1
1:128.14.0esr-1~deb11u1
1:128.14.0esr-1~deb12u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json"
Debian:14
firefox-esr

Package

Name
firefox-esr
Purl
pkg:deb/debian/firefox-esr?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
128.14.0esr-1

Affected versions

128.*
128.13.0esr-1
128.14.0esr-1~deb11u1
128.14.0esr-1~deb12u1
128.14.0esr-1~deb13u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json"
thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:128.14.0esr-1

Affected versions

1:128.*
1:128.13.0esr-1
1:128.14.0esr-1~deb11u1
1:128.14.0esr-1~deb12u1
1:128.14.0esr-1~deb13u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-9179.json"