UBUNTU-CVE-2025-6426

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2025-6426
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-6426.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-6426
Upstream
  • CVE-2025-6426
Downstream
Related
Published
2025-06-24T13:15:00Z
Modified
2025-09-08T17:06:51Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

The executable file warning did not warn users before opening files with the terminal extension. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

References

Affected packages

Ubuntu:Pro:18.04:LTS / mozjs52

Package

Name
mozjs52
Purl
pkg:deb/ubuntu/mozjs52@52.9.1-0ubuntu0.18.04.1?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

52.*

52.3.1-0ubuntu3
52.3.1-7fakesync1
52.8.1-0ubuntu0.18.04.1
52.9.1-0ubuntu0.18.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-52-0",
            "binary_version": "52.9.1-0ubuntu0.18.04.1"
        },
        {
            "binary_name": "libmozjs-52-dev",
            "binary_version": "52.9.1-0ubuntu0.18.04.1"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / mozjs38

Package

Name
mozjs38
Purl
pkg:deb/ubuntu/mozjs38@38.8.0~repack1-0ubuntu4?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

38.*

38.8.0~repack1-0ubuntu1
38.8.0~repack1-0ubuntu3
38.8.0~repack1-0ubuntu4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-38-0",
            "binary_version": "38.8.0~repack1-0ubuntu4"
        },
        {
            "binary_name": "libmozjs-38-dev",
            "binary_version": "38.8.0~repack1-0ubuntu4"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / mozjs68

Package

Name
mozjs68
Purl
pkg:deb/ubuntu/mozjs68@68.6.0-1ubuntu1?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

68.*

68.5.0-1~fakesync
68.5.0-2~fakesync
68.6.0-1
68.6.0-1ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-68-0",
            "binary_version": "68.6.0-1ubuntu1"
        },
        {
            "binary_name": "libmozjs-68-dev",
            "binary_version": "68.6.0-1ubuntu1"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / mozjs52

Package

Name
mozjs52
Purl
pkg:deb/ubuntu/mozjs52@52.9.1-1ubuntu3?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

52.*

52.9.1-1build1
52.9.1-1ubuntu3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-52-0",
            "binary_version": "52.9.1-1ubuntu3"
        },
        {
            "binary_name": "libmozjs-52-dev",
            "binary_version": "52.9.1-1ubuntu3"
        }
    ]
}

Ubuntu:22.04:LTS / mozjs102

Package

Name
mozjs102
Purl
pkg:deb/ubuntu/mozjs102@102.15.1-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

102.*

102.11.0-0ubuntu0.22.04.1
102.12.0-0ubuntu0.22.04.1
102.13.0-0ubuntu0.22.04.1
102.15.1-0ubuntu0.22.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-102-0",
            "binary_version": "102.15.1-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libmozjs-102-dev",
            "binary_version": "102.15.1-0ubuntu0.22.04.1"
        }
    ]
}

Ubuntu:22.04:LTS / mozjs78

Package

Name
mozjs78
Purl
pkg:deb/ubuntu/mozjs78@78.15.0-4ubuntu1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

78.*

78.13.0-1
78.15.0-2
78.15.0-4ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-78-0",
            "binary_version": "78.15.0-4ubuntu1"
        },
        {
            "binary_name": "libmozjs-78-dev",
            "binary_version": "78.15.0-4ubuntu1"
        }
    ]
}

Ubuntu:22.04:LTS / mozjs91

Package

Name
mozjs91
Purl
pkg:deb/ubuntu/mozjs91@91.10.0-0ubuntu1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

91.*

91.5.1-0ubuntu1
91.6.0-1
91.6.0-2
91.7.0-2
91.10.0-0ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-91-0",
            "binary_version": "91.10.0-0ubuntu1"
        },
        {
            "binary_name": "libmozjs-91-dev",
            "binary_version": "91.10.0-0ubuntu1"
        }
    ]
}

Ubuntu:22.04:LTS / thunderbird

Package

Name
thunderbird
Purl
pkg:deb/ubuntu/thunderbird@1:128.12.0+build1-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:128.12.0+build1-0ubuntu0.22.04.1

Affected versions

1:91.*

1:91.1.2+build1-0ubuntu1
1:91.3.0+build2-0ubuntu1
1:91.3.1+build1-0ubuntu1
1:91.3.2+build1-0ubuntu1
1:91.4.0+build1.1-0ubuntu1
1:91.4.0+build2-0ubuntu1
1:91.5.0+build1-0ubuntu1
1:91.5.1+build1-0ubuntu1
1:91.6.1+build1-0ubuntu1
1:91.7.0+build1-0ubuntu1
1:91.7.0+build2-0ubuntu1
1:91.8.0+build2-0ubuntu1
1:91.9.1+build1-0ubuntu0.22.04.1
1:91.11.0+build2-0ubuntu0.22.04.1

1:102.*

1:102.2.2+build1-0ubuntu0.22.04.1
1:102.4.2+build2-0ubuntu0.22.04.1
1:102.7.1+build2-0ubuntu0.22.04.1
1:102.8.0+build2-0ubuntu0.22.04.1
1:102.9.0+build1-0ubuntu0.22.04.1
1:102.10.0+build2-0ubuntu0.22.04.1
1:102.11.0+build1-0ubuntu0.22.04.1
1:102.13.0+build1-0ubuntu0.22.04.1
1:102.15.0+build1-0ubuntu0.22.04.1
1:102.15.1+build1-0ubuntu0.22.04.1

1:115.*

1:115.3.1+build1-0ubuntu0.22.04.2
1:115.4.1+build1-0ubuntu0.22.04.1
1:115.5.0+build1-0ubuntu0.22.04.1
1:115.6.0+build2-0ubuntu0.22.04.1
1:115.8.1+build1-0ubuntu0.22.04.1
1:115.9.0+build1-0ubuntu0.22.04.1
1:115.10.1+build1-0ubuntu0.22.04.1
1:115.11.0+build2-0ubuntu0.22.04.1
1:115.12.0+build3-0ubuntu0.22.04.1
1:115.13.0+build5-0ubuntu0.22.04.1
1:115.15.0+build1-0ubuntu0.22.04.1
1:115.16.0+build2-0ubuntu0.22.04.1
1:115.18.0+build1-0ubuntu0.22.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "thunderbird",
            "binary_version": "1:128.12.0+build1-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "thunderbird-dev",
            "binary_version": "1:128.12.0+build1-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "thunderbird-gnome-support",
            "binary_version": "1:128.12.0+build1-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "thunderbird-mozsymbols",
            "binary_version": "1:128.12.0+build1-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "xul-ext-calendar-timezones",
            "binary_version": "1:128.12.0+build1-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "xul-ext-gdata-provider",
            "binary_version": "1:128.12.0+build1-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "xul-ext-lightning",
            "binary_version": "1:128.12.0+build1-0ubuntu0.22.04.1"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:24.04:LTS / mozjs102

Package

Name
mozjs102
Purl
pkg:deb/ubuntu/mozjs102@102.15.1-3ubuntu2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

102.*

102.15.1-1
102.15.1-3ubuntu2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-102-0t64",
            "binary_version": "102.15.1-3ubuntu2"
        },
        {
            "binary_name": "libmozjs-102-dev",
            "binary_version": "102.15.1-3ubuntu2"
        }
    ]
}

Ubuntu:24.04:LTS / mozjs115

Package

Name
mozjs115
Purl
pkg:deb/ubuntu/mozjs115@115.10.0-1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

115.*

115.3.0-0ubuntu1
115.4.0-2
115.5.0-1
115.6.0-1
115.7.0-4
115.8.0-1
115.9.0-1
115.9.0-1build1
115.10.0-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-115-0t64",
            "binary_version": "115.10.0-1"
        },
        {
            "binary_name": "libmozjs-115-dev",
            "binary_version": "115.10.0-1"
        }
    ]
}

Ubuntu:25.04 / mozjs115

Package

Name
mozjs115
Purl
pkg:deb/ubuntu/mozjs115@115.21.0-1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

115.*

115.16.0-1
115.17.0-1
115.18.0-1
115.19.0-1
115.20.0-1
115.21.0-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libmozjs-115-0t64",
            "binary_version": "115.21.0-1"
        },
        {
            "binary_name": "libmozjs-115-dev",
            "binary_version": "115.21.0-1"
        }
    ]
}