CVE-2025-8028

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-8028

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8028.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-8028

Downstream

DEBIAN-CVE-2025-8028

DLA-4250-1

DLA-4253-1

DSA-5964-1

DSA-5966-1

OESA-2025-1933

OESA-2025-1934

OESA-2025-1935

OESA-2025-1936

OESA-2025-1937

OESA-2025-2099

RHSA-2025:11747

RHSA-2025:11748

RHSA-2025:11797

RHSA-2025:12044

RHSA-2025:12045

RHSA-2025:12046

RHSA-2025:12187

RHSA-2025:12188

RHSA-2025:12278

RHSA-2025:12302

RHSA-2025:12353

RHSA-2025:12360

RHSA-2025:12361

RHSA-2025:13645

RHSA-2025:13646

RHSA-2025:13647

RHSA-2025:13648

RHSA-2025:13649

RHSA-2025:13650

RHSA-2025:13651

RHSA-2025:13676

RLSA-2025:11747

RLSA-2025:11748

RLSA-2025:11797

RLSA-2025:12187

RLSA-2025:12188

RLSA-2025:13676

SUSE-SU-2025:02531-1

SUSE-SU-2025:02546-1

UBUNTU-CVE-2025-8028

Related

Published

2025-07-22T21:15:49Z

Modified

2025-08-09T19:01:28Z

Summary

[none]

Details

On arm64, a WASM br_table instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

References

Affected packages