説明
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- Security bypass vulnerability in JavaScript engine can be exploited to bypass security restrictions.
- Denial of service vulnerability in large branch table can be exploited to cause denial of service.
- Code execution vulnerability in javascript URLs when used in object and embed tags can be exploited to execute arbitrary code
- Security bypass vulnerability in cached CORS can be exploited to bypass security restrictions.
- Security bypass vulnerability in cookie can be exploited to bypass security restrictions.
- Code execution vulnerability in “Copy as cURL” command can be exploited to execute arbitrary code.
- Information disclosure vulnerability in URL stripping can be exploited to obtain sensitive information.
- Security bypass vulnerability can be exploited via special crafted XSLT document to bypass security restrictions.
- Security bypass vulnerability in CSP frame-src can be exploited to bypass security restrictions.
- Security UI vulnerability in URL bar can be exploited to spoof user interface.
- Denial of service vulnerability in JavaScript state machine can be exploited to denial of service.
- Memory safety vulnerability can be exploited to execute arbitrary code.
オリジナルアドバイザリー
関連製品
CVEリスト
- CVE-2025-8027 high
- CVE-2025-8028 critical
- CVE-2025-8029 critical
- CVE-2025-8030 critical
- CVE-2025-8031 critical
- CVE-2025-8032 critical
- CVE-2025-8033 high
- CVE-2025-8034 critical
- CVE-2025-8035 critical
- CVE-2025-8036 critical
- CVE-2025-8037 critical
- CVE-2025-8038 critical
- CVE-2025-8039 critical
- CVE-2025-8040 critical
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!