Spidermonkey: Multiple Vulnerabilities
Multiple vulnerabilities have been discovered in Spidermonkey, the worst of which could lead to execution of arbitrary code.
spidermonkey
2025-05-14
2025-05-14
941171
942471
951565
local and remote
128.8.0
128.8.0
SpiderMonkey is Mozilla’s JavaScript and WebAssembly Engine, used in Firefox, Servo and various other projects. It is written in C++, Rust and JavaScript. You can embed it into C++ and Rust projects, and it can be run as a stand-alone shell.
Multiple vulnerabilities have been discovered in Spidermonkey. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Spidermonkey users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/spidermonkey-128.8.0"
CVE-2024-8900
CVE-2024-9391
CVE-2024-9392
CVE-2024-9395
CVE-2024-9396
CVE-2024-9397
CVE-2024-9399
CVE-2024-9400
CVE-2024-9401
CVE-2024-9402
CVE-2024-9403
CVE-2024-10458
CVE-2024-10459
CVE-2024-10460
CVE-2024-10461
CVE-2024-10462
CVE-2024-10463
CVE-2024-10464
CVE-2024-10465
CVE-2024-10466
CVE-2024-10467
CVE-2024-10468
CVE-2024-43097
CVE-2025-1931
CVE-2025-1932
CVE-2025-1933
CVE-2025-1934
CVE-2025-1935
CVE-2025-1936
CVE-2025-1937
CVE-2025-1938
MFSA2024-46
MFSA2024-47
MFSA2024-48
MFSA2024-49
MFSA2024-50
MFSA2024-55
MFSA2024-56
MFSA2024-57
MFSA2024-58
MFSA2024-59
MFSA2025-14
MFSA2025-16
MFSA2025-18
graaff
graaff