GHSA-657p-g22x-9v25

Опубликовано: 22 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

Thunderbird executed javascript: URLs when used in object and embed tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

Ссылки

EPSS

Процентиль: 12%

0.00042

Низкий

8.1 High

CVSS3

CVE ID

CVE-2025-8029

Дефекты

CWE-80

Связанные уязвимости

CVE-2025-8029

CVSS3: 8.1

ubuntu

12 дней назад

Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVE-2025-8029

CVSS3: 6.1

redhat

12 дней назад

Firefox executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.