Уязвимость CVE-2025-8033

Пакет	Статус	Версия исправления	Тип
firefox	fixed	141.0-1	package
firefox-esr	fixed	128.13.0esr-1	package
thunderbird	fixed	1:128.13.0esr-1	package

CVE-2025-8033

CVSS3: 6.5

ubuntu

около 2 месяцев назад

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVE-2025-8033

CVSS3: 3.4

redhat

около 2 месяцев назад

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVE-2025-8033

CVSS3: 6.5

nvd

около 2 месяцев назад

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

GHSA-j6gx-vvh5-9mwh

CVSS3: 6.5

github

около 2 месяцев назад

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

BDU:2025-10490

CVSS3: 6.5

fstec

около 2 месяцев назад

Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с разыменованием нулевого указателя, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации

exploitDog

CVE-2025-8033

Описание

Пакеты

Примечания

Связанные уязвимости