CVE-2025-8041

Publication date 23 July 2025

Last updated 25 July 2025

Ubuntu priority

[Unknown description]

Status

Show unmaintained releases

Package	Ubuntu Release	Status
firefox	25.04 plucky	Not affected
	24.04 LTS noble	Not affected
	22.04 LTS jammy	Not affected
thunderbird	25.04 plucky	Not affected
	24.04 LTS noble	Not affected
	22.04 LTS jammy	Not affected

How can I get the fixes?
What do statuses mean?

Notes

mdeslaur

mozjs* contain a copy of the SpiderMonkey JavaScript engine. It is not feasible to backport security fixes to the mozjs* packages, as such, marking them as ignored. starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snap starting with Ubuntu 24.04, the thunderbird package is just a script that installs the Thunderbird snap

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2025-8041
https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8041