PT-2025-30481 · Mozilla+10 · Thunderbird+12

Joe Turki

·

Published

2025-07-22

·

Updated

2026-02-02

·

CVE-2025-8032

CVSS v3.1

8.1

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 141 Firefox ESR versions prior to 128.13 Firefox ESR versions prior to 140.1 Thunderbird versions prior to 141 Thunderbird versions prior to 128.13 Thunderbird versions prior to 140.1
Description The XSLT document loading process did not correctly propagate the source document, which bypassed the Content Security Policy (CSP).
Recommendations Update Firefox to version 141 or later. Update Firefox ESR to version 128.13 or later. Update Firefox ESR to version 140.1 or later. Update Thunderbird to version 141 or later. Update Thunderbird to version 128.13 or later. Update Thunderbird to version 140.1 or later.

Fix

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-693CWE-942

Related Identifiers

ALSA-2025:11747
ALSA-2025:11748
ALSA-2025:11797
ALSA-2025:12187
ALSA-2025:12188
ALSA-2025:13676
ALT-PU-2025-10124
ALT-PU-2025-11100
ALT-PU-2025-11495
ALT-PU-2025-11497
ALT-PU-2025-14599
ALT-PU-2025-9988
BDU:2025-10487
CESA-2025_11747
CESA-2025_13676
CVE-2025-8032
DLA-4250-1
DLA-4253-1
DSA-5964-1
DSA-5966-1
INFSA-2025_11747
INFSA-2025_11748
INFSA-2025_12187
INFSA-2025_13676
MGASA-2025-0227
MGASA-2025-0228
OESA-2025-1933
OESA-2025-1934
OESA-2025-1935
OESA-2025-1936
OESA-2025-1937
OESA-2025-2099
OPENSUSE-SU-2025-20135-1
OPENSUSE-SU-2025:15371-1
OPENSUSE-SU-2025:15383-1
OPENSUSE-SU-2025:15386-1
OPENSUSE-SU-2025:15387-1
OPENSUSE-SU-2025:20135-1
RHSA-2025:11747
RHSA-2025:11748
RHSA-2025:11797
RHSA-2025:12044
RHSA-2025:12045
RHSA-2025:12046
RHSA-2025:12187
RHSA-2025:12188
RHSA-2025:12278
RHSA-2025:12302
RHSA-2025:12353
RHSA-2025:12360
RHSA-2025:12361
RHSA-2025:13645
RHSA-2025:13646
RHSA-2025:13647
RHSA-2025:13648
RHSA-2025:13649
RHSA-2025:13650
RHSA-2025:13651
RHSA-2025:13676
RHSA-2025_11747
RHSA-2025_11748
RHSA-2025_12187
RHSA-2025_13676
SUSE-SU-2025:02529-1
SUSE-SU-2025:02531-1
SUSE-SU-2025:02546-1
SUSE-SU-2025:21170-1
SUSE-SU-2025_02529-1
SUSE-SU-2025_02531-1
USN-7991-1

Affected Products

Alt Linux
Almalinux
Centos
Debian
Firefox
Firefox Esr
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird
Ubuntu