UBUNTU-CVE-2025-4082
- Source
- https://ubuntu.com/security/CVE-2025-4082
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-4082.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-4082
- Related
- Withdrawn
- 2025-06-23T16:00:08Z
- Published
- 2025-04-29T14:15:00Z
- Modified
- 2026-02-04T03:02:10.657848Z
- Summary
- [none]
- Details
-
Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10.
- References
-
- https://ubuntu.com/security/CVE-2025-4082
- https://www.cve.org/CVERecord?id=CVE-2025-4082
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4082
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4082
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-32/#CVE-2025-4082
- https://bugzilla.mozilla.org/show_bug.cgi?id=1937097
- https://www.mozilla.org/security/advisories/mfsa2025-28/
- https://www.mozilla.org/security/advisories/mfsa2025-29/
- https://www.mozilla.org/security/advisories/mfsa2025-30/
- https://www.mozilla.org/security/advisories/mfsa2025-31/
- https://www.mozilla.org/security/advisories/mfsa2025-32/
Affected packages
Ubuntu:20.04:LTS
firefox
Package
- Name
- firefox
- Purl
- pkg:deb/ubuntu/firefox@136.0+build3-0ubuntu0.20.04.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
69.*
69.0.3+build1-0ubuntu1
70.*
70.0+build2-0ubuntu1
70.0+build2-0ubuntu2
70.0.1+build1-0ubuntu2
71.*
71.0+build2-0ubuntu2
71.0+build5-0ubuntu1
72.*
72.0.1+build1-0ubuntu1
72.0.2+build1-0ubuntu1
73.*
73.0+build1-0ubuntu1
73.0+build2-0ubuntu1
73.0+build3-0ubuntu1
73.0.1+build1-0ubuntu1
74.*
74.0+build1-0ubuntu1
74.0+build2-0ubuntu1
74.0+build2-0ubuntu2
74.0+build3-0ubuntu1
75.*
75.0+build3-0ubuntu1
76.*
76.0+build2-0ubuntu0.20.04.1
76.0.1+build1-0ubuntu0.20.04.1
77.*
77.0.1+build1-0ubuntu0.20.04.1
78.*
78.0.1+build1-0ubuntu0.20.04.1
78.0.2+build2-0ubuntu0.20.04.1
79.*
79.0+build1-0ubuntu0.20.04.1
80.*
80.0+build2-0ubuntu0.20.04.1
80.0.1+build1-0ubuntu0.20.04.1
81.*
81.0+build2-0ubuntu0.20.04.1
81.0.2+build1-0ubuntu0.20.04.1
82.*
82.0+build2-0ubuntu0.20.04.1
82.0.2+build1-0ubuntu0.20.04.1
82.0.3+build1-0ubuntu0.20.04.1
83.*
83.0+build2-0ubuntu0.20.04.1
84.*
84.0+build3-0ubuntu0.20.04.1
84.0.1+build1-0ubuntu0.20.04.1
84.0.2+build1-0ubuntu0.20.04.1
85.*
85.0+build1-0ubuntu0.20.04.1
85.0.1+build1-0ubuntu0.20.04.1
86.*
86.0+build3-0ubuntu0.20.04.1
86.0.1+build1-0ubuntu0.20.04.1
87.*
87.0+build3-0ubuntu0.20.04.2
88.*
88.0+build2-0ubuntu0.20.04.1
88.0.1+build1-0ubuntu0.20.04.2
89.*
89.0+build2-0ubuntu0.20.04.2
89.0.1+build1-0ubuntu0.20.04.1
89.0.2+build1-0ubuntu0.20.04.1
90.*
90.0+build1-0ubuntu0.20.04.1
90.0.2+build1-0ubuntu0.20.04.1
91.*
91.0+build2-0ubuntu0.20.04.1
91.0.1+build1-0ubuntu0.20.04.1
91.0.2+build1-0ubuntu0.20.04.1
92.*
92.0+build3-0ubuntu0.20.04.1
93.*
93.0+build1-0ubuntu0.20.04.1
94.*
94.0+build3-0ubuntu0.20.04.1
95.*
95.0+build1-0ubuntu0.20.04.1
95.0.1+build2-0ubuntu0.20.04.1
96.*
96.0+build2-0ubuntu0.20.04.1
97.*
97.0+build2-0ubuntu0.20.04.1
97.0.2+build1-0ubuntu0.20.04.1
98.*
98.0+build3-0ubuntu0.20.04.2
98.0.1+build2-0ubuntu0.20.04.1
98.0.2+build1-0ubuntu0.20.04.1
99.*
99.0+build2-0ubuntu0.20.04.2
100.*
100.0+build2-0ubuntu0.20.04.1
100.0.2+build1-0ubuntu0.20.04.1
101.*
101.0.1+build1-0ubuntu0.20.04.1
102.*
102.0+build2-0ubuntu0.20.04.1
103.*
103.0+build1-0ubuntu0.20.04.1
104.*
104.0+build3-0ubuntu0.20.04.1
105.*
105.0+build2-0ubuntu0.20.04.1
106.*
106.0.2+build1-0ubuntu0.20.04.1
106.0.5+build1-0ubuntu0.20.04.1
107.*
107.0+build2-0ubuntu0.20.04.1
108.*
108.0+build2-0ubuntu0.20.04.1
108.0.1+build1-0ubuntu0.20.04.1
108.0.2+build1-0ubuntu0.20.04.1
109.*
109.0+build2-0ubuntu0.20.04.1
109.0.1+build1-0ubuntu0.20.04.2
110.*
110.0+build3-0ubuntu0.20.04.1
110.0.1+build2-0ubuntu0.20.04.1
111.*
111.0+build2-0ubuntu0.20.04.1
111.0.1+build2-0ubuntu0.20.04.1
112.*
112.0+build2-0ubuntu0.20.04.1
112.0.1+build1-0ubuntu0.20.04.1
112.0.2+build1-0ubuntu0.20.04.1
113.*
113.0+build2-0ubuntu0.20.04.1
113.0.1+build1-0ubuntu0.20.04.1
113.0.2+build1-0ubuntu0.20.04.1
114.*
114.0+build3-0ubuntu0.20.04.1
114.0.1+build1-0ubuntu0.20.04.1
114.0.2+build1-0ubuntu0.20.04.1
115.*
115.0+build2-0ubuntu0.20.04.3
115.0.2+build1-0ubuntu0.20.04.1
116.*
116.0+build2-0ubuntu0.20.04.2
116.0.2+build1-0ubuntu0.20.04.1
116.0.3+build2-0ubuntu0.20.04.1
117.*
117.0+build2-0ubuntu0.20.04.1
117.0.1+build2-0ubuntu0.20.04.1
118.*
118.0.1+build1-0ubuntu0.20.04.1
118.0.2+build2-0ubuntu0.20.04.1
119.*
119.0+build2-0ubuntu0.20.04.1
119.0.1+build1-0ubuntu0.20.04.1
120.*
120.0+build2-0ubuntu0.20.04.1
120.0.1+build1-0ubuntu0.20.04.1
121.*
121.0+build1-0ubuntu0.20.04.1
121.0.1+build1-0ubuntu0.20.04.1
122.*
122.0+build2-0ubuntu0.20.04.1
122.0.1+build1-0ubuntu0.20.04.1
123.*
123.0+build3-0ubuntu0.20.04.1
123.0.1+build1-0ubuntu0.20.04.1
124.*
124.0+build1-0ubuntu0.20.04.1
124.0.1+build1-0ubuntu0.20.04.1
124.0.2+build1-0ubuntu0.20.04.1
125.*
125.0.2+build1-0ubuntu0.20.04.2
125.0.3+build1-0ubuntu0.20.04.1
126.*
126.0+build2-0ubuntu0.20.04.1
126.0.1+build1-0ubuntu0.20.04.1
127.*
127.0.2+build1-0ubuntu0.20.04.1
128.*
128.0+build2-0ubuntu0.20.04.1
129.*
129.0.1+build1-0ubuntu0.20.04.1
129.0.2+build1-0ubuntu0.20.04.1
130.*
130.0+build2-0ubuntu0.20.04.1
130.0.1+build1-0ubuntu0.20.04.1
131.*
131.0+build1.1-0ubuntu0.20.04.1
131.0.2+build1-0ubuntu0.20.04.1
131.0.3+build1-0ubuntu0.20.04.1
132.*
132.0+build1-0ubuntu0.20.04.1
133.*
133.0+build2-0ubuntu0.20.04.1
134.*
134.0+build1-0ubuntu0.20.04.1
135.*
135.0+build2-0ubuntu0.20.04.1
136.*
136.0+build3-0ubuntu0.20.04.1
mozjs52
mozjs68
thunderbird
Package
- Name
- thunderbird
- Purl
- pkg:deb/ubuntu/thunderbird@1:115.18.0+build1-0ubuntu0.20.04.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:68.*
1:68.1.2+build1-0ubuntu1
1:68.1.2+build1-0ubuntu2
1:68.2.1+build1-0ubuntu1
1:68.2.2+build1-0ubuntu1
1:68.3.0+build2-0ubuntu1
1:68.3.1+build1-0ubuntu2
1:68.4.1+build1-0ubuntu1
1:68.4.2+build2-0ubuntu1
1:68.5.0+build1-0ubuntu1
1:68.6.0+build2-0ubuntu1
1:68.7.0+build1-0ubuntu1
1:68.7.0+build1-0ubuntu2
1:68.8.0+build2-0ubuntu0.20.04.2
1:68.10.0+build1-0ubuntu0.20.04.1
1:78.*
1:78.7.1+build1-0ubuntu0.20.04.1
1:78.8.1+build1-0ubuntu0.20.04.1
1:78.11.0+build1-0ubuntu0.20.04.2
1:78.13.0+build1-0ubuntu0.20.04.2
1:78.14.0+build1-0ubuntu0.20.04.1
1:78.14.0+build1-0ubuntu0.20.04.2
1:91.*
1:91.5.0+build1-0ubuntu0.20.04.1
1:91.7.0+build2-0ubuntu0.20.04.1
1:91.8.1+build1-0ubuntu0.20.04.1
1:91.9.1+build1-0ubuntu0.20.04.1
1:91.11.0+build2-0ubuntu0.20.04.1
1:102.*
1:102.2.2+build1-0ubuntu0.20.04.1
1:102.4.2+build2-0ubuntu0.20.04.1
1:102.7.1+build2-0ubuntu0.20.04.1
1:102.8.0+build2-0ubuntu0.20.04.1
1:102.9.0+build1-0ubuntu0.20.04.1
1:102.10.0+build2-0ubuntu0.20.04.1
1:102.11.0+build1-0ubuntu0.20.04.1
1:102.13.0+build1-0ubuntu0.20.04.1
1:102.15.0+build1-0ubuntu0.20.04.1
1:102.15.1+build1-0ubuntu0.20.04.1
1:115.*
1:115.3.1+build1-0ubuntu0.20.04.1
1:115.4.1+build1-0ubuntu0.20.04.1
1:115.5.0+build1-0ubuntu0.20.04.1
1:115.6.0+build2-0ubuntu0.20.04.1
1:115.8.1+build1-0ubuntu0.20.04.1
1:115.9.0+build1-0ubuntu0.20.04.1
1:115.10.1+build1-0ubuntu0.20.04.1
1:115.11.0+build2-0ubuntu0.20.04.1
1:115.12.0+build3-0ubuntu0.20.04.1
1:115.13.0+build5-0ubuntu0.20.04.1
1:115.15.0+build1-0ubuntu0.20.04.1
1:115.16.0+build2-0ubuntu0.20.04.1
1:115.18.0+build1-0ubuntu0.20.04.1
Ubuntu:22.04:LTS
mozjs102
Package
- Name
- mozjs102
- Purl
- pkg:deb/ubuntu/mozjs102@102.15.1-0ubuntu0.22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
mozjs78
mozjs91
thunderbird
Package
- Name
- thunderbird
- Purl
- pkg:deb/ubuntu/thunderbird@1:115.18.0+build1-0ubuntu0.22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:91.*
1:91.1.2+build1-0ubuntu1
1:91.3.0+build2-0ubuntu1
1:91.3.1+build1-0ubuntu1
1:91.3.2+build1-0ubuntu1
1:91.4.0+build1.1-0ubuntu1
1:91.4.0+build2-0ubuntu1
1:91.5.0+build1-0ubuntu1
1:91.5.1+build1-0ubuntu1
1:91.6.1+build1-0ubuntu1
1:91.7.0+build1-0ubuntu1
1:91.7.0+build2-0ubuntu1
1:91.8.0+build2-0ubuntu1
1:91.9.1+build1-0ubuntu0.22.04.1
1:91.11.0+build2-0ubuntu0.22.04.1
1:102.*
1:102.2.2+build1-0ubuntu0.22.04.1
1:102.4.2+build2-0ubuntu0.22.04.1
1:102.7.1+build2-0ubuntu0.22.04.1
1:102.8.0+build2-0ubuntu0.22.04.1
1:102.9.0+build1-0ubuntu0.22.04.1
1:102.10.0+build2-0ubuntu0.22.04.1
1:102.11.0+build1-0ubuntu0.22.04.1
1:102.13.0+build1-0ubuntu0.22.04.1
1:102.15.0+build1-0ubuntu0.22.04.1
1:102.15.1+build1-0ubuntu0.22.04.1
1:115.*
1:115.3.1+build1-0ubuntu0.22.04.2
1:115.4.1+build1-0ubuntu0.22.04.1
1:115.5.0+build1-0ubuntu0.22.04.1
1:115.6.0+build2-0ubuntu0.22.04.1
1:115.8.1+build1-0ubuntu0.22.04.1
1:115.9.0+build1-0ubuntu0.22.04.1
1:115.10.1+build1-0ubuntu0.22.04.1
1:115.11.0+build2-0ubuntu0.22.04.1
1:115.12.0+build3-0ubuntu0.22.04.1
1:115.13.0+build5-0ubuntu0.22.04.1
1:115.15.0+build1-0ubuntu0.22.04.1
1:115.16.0+build2-0ubuntu0.22.04.1
1:115.18.0+build1-0ubuntu0.22.04.1
Ubuntu:24.04:LTS
mozjs102
mozjs115
Package
- Name
- mozjs115
- Purl
- pkg:deb/ubuntu/mozjs115@115.10.0-1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.10
mozjs115
Package
- Name
- mozjs115
- Purl
- pkg:deb/ubuntu/mozjs115@115.16.0-1?arch=source&distro=oracular
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:25.04
Ubuntu:Pro:18.04:LTS
mozjs52
Package
- Name
- mozjs52
- Purl
- pkg:deb/ubuntu/mozjs52@52.9.1-0ubuntu0.18.04.1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected