PT-2025-34540 · Undefined · Undefined
Published
2025-08-23
·
Updated
2025-09-23
·
CVE-2025-9197
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
As of the time of this writing (Unix epoch 1755962780), there is a high-impact bug not fixed in Firefox ESR 140.2 or ESR 128.14 even though it's been fixed in Firefox 142 (fixed typo, thanks u/nietzschecode)
If you compare these three sites:
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-64/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-66/
- https://www.mozilla.org/en-US/security/advisories/mfsa2025-67/
You'll see neither ESR pages mention CVE-2025-9197 as described in both https://nvd.nist.gov/vuln/detail/CVE-2025-9187 and https://www.mozilla.org/en-US/security/advisories/mfsa2025-64/#CVE-2025-9187. The reference link in the Mozilla page goes to a page that says "Zarro Boogs found" and the NIST page tagged the Bugzilla link as a "Broken Link".
Am I missing/misunderstanding something? Or have they not patched this bug yet?
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined