Firefox 138 Launches with Patches for Several High-Severity Flaws
gbhackersMozilla has officially released Firefox 138, marking a significant update focused on user security. The new version addresses multiple high-severity vulnerabilities, following the Mozilla Foundation Security Advisory 2025-28.
The Firefox browser continues its tradition of proactive security practices, ensuring users are protected from the latest threats.
A Critical Security Update
Announced on April 29, 2025, Firefox 138 includes critical patches for vulnerabilities that, if exploited, could lead to privilege escalation, memory corruption, or even arbitrary code execution.
Mozilla has credited security researchers from around the world for responsibly reporting these flaws.
The security advisory highlights four notable CVEs (Common Vulnerabilities and Exposures) fixed in this release.
Below is a summary table of the vulnerabilities, their descriptions, and affected products:
| CVE | Title | Impact | Affected Product(s) |
| CVE-2025-2817 | Privilege escalation in Firefox Updater | High | Firefox |
| CVE-2025-4082 | WebGL shader attribute memory corruption (macOS only) | High | Firefox for macOS |
| CVE-2025-4083 | Process isolation bypass via ... |
Copyright of this story solely belongs to gbhackers . To see the full text click HERE