{"id":"MGASA-2025-0227","summary":"Updated rootcerts, nspr, nss & firefox packages fix vulnerabilities","details":"JavaScript engine only wrote partial return value to stack.\n(CVE-2025-8027)\nLarge branch table could lead to truncated instruction. (CVE-2025-8028)\nJavascript: URLs executed on object and embed tags. (CVE-2025-8029)\nPotential user-assisted code execution in “Copy as cURL” command.\n(CVE-2025-8030)\nIncorrect URL stripping in CSP reports. (CVE-2025-8031)\nXSLT documents could bypass CSP. (CVE-2025-8032)\nIncorrect JavaScript state machine for generators. (CVE-2025-8033)\nMemory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13,\nThunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1,\nFirefox 141 and Thunderbird 141. (CVE-2025-8034)\nMemory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13,\nFirefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird\n141. (CVE-2025-8035)\nSandbox escape due to invalid pointer in the Audio/Video: GMP component.\n(CVE-2025-9179)\nSame-origin policy bypass in the Graphics: Canvas2D component.\n(CVE-2025-9180)\nUninitialized memory in the JavaScript Engine component. (CVE-2025-9181)\nMemory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14,\nThunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2,\nFirefox 142 and Thunderbird 142. (CVE-2025-9185)\n","modified":"2026-02-04T02:35:38.103253Z","published":"2025-09-05T18:30:35Z","related":["CVE-2025-8027","CVE-2025-8028","CVE-2025-8029","CVE-2025-8030","CVE-2025-8031","CVE-2025-8032","CVE-2025-8033","CVE-2025-8034","CVE-2025-8035","CVE-2025-9179","CVE-2025-9180","CVE-2025-9181","CVE-2025-9185"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2025-0227.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=34552"},{"type":"REPORT","url":"https://www.firefox.com/en-US/firefox/128.13.0/releasenotes/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/"},{"type":"REPORT","url":"https://www.firefox.com/en-US/firefox/128.14.0/releasenotes/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66/"},{"type":"REPORT","url":"https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_114.html"}],"affected":[{"package":{"name":"firefox","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"128.14.0-1.4.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0227.json"}},{"package":{"name":"firefox-l10n","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"128.14.0-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0227.json"}},{"package":{"name":"nss","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/nss?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.115.1-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0227.json"}},{"package":{"name":"nspr","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/nspr?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.37-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0227.json"}},{"package":{"name":"rootcerts","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/rootcerts?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20250808.00-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0227.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}