{"id":"CVE-2025-11708","details":"Use-after-free in MediaTrackGraphImpl::GetInstance() This vulnerability affects Firefox \u003c 144, Firefox ESR \u003c 140.4, Thunderbird \u003c 144, and Thunderbird \u003c 140.4.","modified":"2026-04-16T04:32:04.719083357Z","published":"2025-10-14T13:15:36.970Z","related":["ALSA-2025:18154","ALSA-2025:18155","ALSA-2025:18285","ALSA-2025:18320","ALSA-2025:18321","ALSA-2025:18983","SUSE-SU-2025:21021-1","SUSE-SU-2025:3775-1","SUSE-SU-2025:3808-1","SUSE-SU-2025:4006-1","SUSE-SU-2025:4173-1","SUSE-SU-2025:4174-1","openSUSE-SU-2025:15632-1","openSUSE-SU-2025:15645-1","openSUSE-SU-2025:15646-1","openSUSE-SU-2025:20026-1","openSUSE-SU-2025:20065-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00015.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00031.html"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1988931"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11708.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"140.4.0"}]},{"events":[{"introduced":"0"},{"fixed":"144.0"}]},{"events":[{"introduced":"0"},{"fixed":"140.4.0"}]},{"events":[{"introduced":"141.0"},{"fixed":"144.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}