Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-8032

Опубликовано: 22 июл. 2025
Источник: debian

Описание

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed141.0-1package
firefox-esrfixed128.13.0esr-1package
thunderbirdfixed1:128.13.0esr-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8032

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8032

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8032

Связанные уязвимости

CVSS3: 8.1
ubuntu
12 дней назад

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS3: 6.1
redhat
12 дней назад

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS3: 8.1
nvd
12 дней назад

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS3: 8.1
github
12 дней назад

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

oracle-oval
5 дней назад

ELSA-2025-12188: thunderbird security update (IMPORTANT)