Severity
High
Analysis Summary
CVE-2025-11721 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVE-2025-11715 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVE-2025-11713 CVSS:8.1
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by insufficient escaping in the “Copy as cURL” feature. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
Impact
- Code Execution
- Denial of Service
Indicators of Compromise
CVE
CVE-2025-11721
CVE-2025-11715
CVE-2025-11713
Affected Vendors
Affected Products
- Mozilla Firefox 143
Remediation
Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.