Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-8037

Опубликовано: 22 июл. 2025
Источник: ubuntu
Приоритет: medium
CVSS3: 9.1

Описание

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

РелизСтатусПримечание
devel

not-affected

code not present
jammy

not-affected

code not present
noble

not-affected

code not present
plucky

not-affected

code not present
upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/noble

ignored

jammy

ignored

noble

ignored

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

ignored

jammy

DNE

noble

ignored

plucky

ignored

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

jammy

DNE

noble

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

ignored

esm-infra/bionic

ignored

jammy

DNE

noble

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

jammy

DNE

noble

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/jammy

ignored

jammy

ignored

noble

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

jammy

ignored

noble

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

not-affected

code not present
jammy

not-affected

code not present
noble

not-affected

code not present
plucky

not-affected

code not present
upstream

released

140.1,141

Показывать по

9.1 Critical

CVSS3

Связанные уязвимости

CVSS3: 9.1
nvd
12 дней назад

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

CVSS3: 9.1
debian
12 дней назад

Setting a nameless cookie with an equals sign in the value shadowed ot ...

CVSS3: 9.1
github
12 дней назад

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

suse-cvrf
9 дней назад

Security update for MozillaFirefox, MozillaFirefox-branding-SLE

9.1 Critical

CVSS3