Ce mail provient de l'extérieur, restons vigilants ===================================================================== CERT-Renater Note d'Information No. 2025/VULN661 _____________________________________________________________________ DATE : 02/10/2025 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Firefox versions prior to 143.0.3, for iOS 143.1. ===================================================================== https://www.mozilla.org/en-US/security/advisories/mfsa2025-80/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-79/ _____________________________________________________________________ Mozilla Foundation Security Advisory 2025-80 Security Vulnerabilities fixed in Firefox 143.0.3 Announced September 30, 2025 Impact high Products Firefox Fixed in Firefox 143.0.3 #CVE-2025-11152: Sandbox escape due to integer overflow in the Graphics: Canvas2D component Reporter Oskar L Impact high References Bug 1987246 #CVE-2025-11153: JIT miscompilation in the JavaScript Engine: JIT component Reporter Nan Wang Impact high References Bug 1987481 _____________________________________________________________________ Mozilla Foundation Security Advisory 2025-79 Security Vulnerabilities fixed in Firefox for iOS 143.1 Announced September 28, 2025 Impact moderate Products Firefox for iOS Fixed in Firefox for iOS 143.1 #CVE-2025-10859: Data stored in cookies for non-HTML content while browsing Incognito could be viewed after closing private tabs Reporter Muneaki Nishimura Impact moderate Description Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs References Bug 1684624 ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================