Vulnerability Details CVE-2025-12380
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.5%
CVSS Severity
CVSS v3 Score 9.8
References