CNNVD-202507-2923 Information
CNNVD ID
CNNVD-202507-2923
Related CVE
- CNNVD Published: 2025-07-22
Description (Chinese)
Mozilla Firefox等都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。 Mozilla多款产品存在安全漏洞,该漏洞源于WASM br_table指令导致分支地址计算错误。以下产品和版本受到影响:Firefox 141之前版本、Firefox ESR 115.26之前版本、128.13之前版本和140.1之前版本和Thunderbird 141之前版本、128.13之前版本和140.1之前版本。
Description (English)
Mozilla Firefox and others are products of the Mozilla Foundation in the United States. Mozilla Firefox is an open-source Web browser. Mozilla Firefox ESR is an extended support version of Firefox (Web Browser). Mozilla Thunderbird is an independent email client from Mozilla Application Suite. There is a safety loophole in Mozilla ’ s multiple products, which stems from an error in calculation of branch address due to the WASM br table command. The following products and versions were affected: preFirefox 141, preFirefox ESR 115.26, pre-128.13 and pre-140.1 and pre-Thunderbird 141, pre-128.13 and pre-140.1.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Mozilla
Published
2025-07-22
Last Modified
2026-02-24
References
https://www.mozilla.org/security/advisories/mfsa2025-61/ https://www.mozilla.org/security/advisories/mfsa2025-62/ https://www.mozilla.org/security/advisories/mfsa2025-63/ https://www.mozilla.org/security/advisories/mfsa2025-56/ https://www.mozilla.org/security/advisories/mfsa2025-57/ https://www.mozilla.org/security/advisories/mfsa2025-58/ https://www.mozilla.org/security/advisories/mfsa2025-59/ https://bugzilla.mozilla.org/show_bug.cgi?id=1971581 https://nvd.nist.gov/vuln/detail/CVE-2025-8028
Patch
https://www.firefox.com/zh-CN/?utm_campaign=SET_DEFAULT_BROWSER
Share on: