CNNVD-202507-2929 Information
CNNVD ID
CNNVD-202507-2929
Related CVE
- CNNVD Published: 2025-07-22
Description (Chinese)
Mozilla Firefox等都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。 Mozilla多款产品存在代码问题漏洞,该漏洞源于JavaScript引擎未正确处理已关闭的生成器,可能导致空指针取消引用。以下产品和版本受到影响:Firefox 141之前版本、Firefox ESR 115.26之前版本、128.13之前版本和140.1之前版本和Thunderbird 141之前版本、128.13之前版本和140.1之前版本。
Description (English)
Mozilla Firefox and others are products of the Mozilla Foundation in the United States. Mozilla Firefox is an open-source Web browser. Mozilla Firefox ESR is an extended support version of Firefox (Web Browser). Mozilla Thunderbird is an independent email client from Mozilla Application Suite. There is a code breach in Mozilla ’ s multiple products, which stems from the fact that the JavaScript engine did not properly address the closed generator, which could lead to the removal of the empty pointer. The following products and versions were affected: preFirefox 141, preFirefox ESR 115.26, pre-128.13 and pre-140.1 and pre-Thunderbird 141, pre-128.13 and pre-140.1.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
Mozilla
Published
2025-07-22
Last Modified
2026-02-24
References
https://www.mozilla.org/security/advisories/mfsa2025-61/ https://www.mozilla.org/security/advisories/mfsa2025-62/ https://www.mozilla.org/security/advisories/mfsa2025-63/ https://www.mozilla.org/security/advisories/mfsa2025-56/ https://www.mozilla.org/security/advisories/mfsa2025-57/ https://www.mozilla.org/security/advisories/mfsa2025-58/ https://www.mozilla.org/security/advisories/mfsa2025-59/ https://bugzilla.mozilla.org/show_bug.cgi?id=1973990 https://nvd.nist.gov/vuln/detail/CVE-2025-8033
Patch
https://www.firefox.com/zh-CN/?utm_campaign=SET_DEFAULT_BROWSER
Share on: