Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-8038

Опубликовано: 22 июл. 2025
Источник: redhat
CVSS3: 3.4

Описание

Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox ignored paths when checking the validity of navigations in a frame.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10firefoxNot affected
Red Hat Enterprise Linux 10rhel10/firefox-flatpakNot affected
Red Hat Enterprise Linux 10rhel10/thunderbird-flatpakNot affected
Red Hat Enterprise Linux 10thunderbirdNot affected
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 6thunderbirdNot affected
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 7thunderbirdNot affected
Red Hat Enterprise Linux 8firefoxNot affected
Red Hat Enterprise Linux 8thunderbirdNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-345
https://bugzilla.redhat.com/show_bug.cgi?id=2382705firefox: thunderbird: CSP frame-src was not correctly enforced for paths

3.4 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-8038

CVSS3: 9.8
ubuntu
6 месяцев назад

Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

nvd логотип

CVE-2025-8038

CVSS3: 9.8
nvd
6 месяцев назад

Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

debian логотип

CVE-2025-8038

CVSS3: 9.8
debian
6 месяцев назад

Thunderbird ignored paths when checking the validity of navigations in ...

github логотип

GHSA-cv9p-3pfj-w864

CVSS3: 9.8
github
6 месяцев назад

Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

fstec логотип

BDU:2025-10494

CVSS3: 9.8
fstec
6 месяцев назад

Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостаточной проверкой подлинности данных, позволяющая нарушителю вызвать отказ в обслуживании

3.4 Low

CVSS3