CVE-2025-8042 Common Vulnerabilities and Exposures

Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox < 141.

Overall state of this security issue: Does not affect SUSE products

No SUSE Bugzilla entries cross referenced.

No SUSE Security Announcements cross referenced.

Product(s)	Fixed package version(s)	References
openSUSE Tumbleweed	`MozillaFirefox >= 141.0-1.1` `MozillaFirefox-branding-upstream >= 141.0-1.1` `MozillaFirefox-devel >= 141.0-1.1` `MozillaFirefox-translations-common >= 141.0-1.1` `MozillaFirefox-translations-other >= 141.0-1.1`	Patchnames: openSUSE-Tumbleweed-2025-15386

CVE page created: Sun Jul 27 01:18:51 2025
CVE page last modified: Wed Aug 20 01:26:47 2025