Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-8033

Опубликовано: 22 июл. 2025
Источник: debian
EPSS Низкий

Описание

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed141.0-1package
firefox-esrfixed128.13.0esr-1package
thunderbirdfixed1:128.13.0esr-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8033

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8033

  • https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8033

EPSS

Процентиль: 11%
0.0004
Низкий

Связанные уязвимости

CVSS3: 6.5
ubuntu
12 дней назад

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS3: 3.4
redhat
12 дней назад

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS3: 6.5
nvd
12 дней назад

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS3: 6.5
github
12 дней назад

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

oracle-oval
5 дней назад

ELSA-2025-12188: thunderbird security update (IMPORTANT)

EPSS

Процентиль: 11%
0.0004
Низкий