Spidermonkey: Multiple Vulnerabilities
Multiple vulnerabilities have been discovered in Spidermonkey, the worst of which could lead to execution of arbitrary code.
spidermonkey
2025-09-17
2025-09-17
945052
948115
953023
local and remote
128.9.0
128.9.0
SpiderMonkey is Mozilla’s JavaScript and WebAssembly Engine, used in Firefox, Servo and various other projects. It is written in C++, Rust and JavaScript. You can embed it into C++ and Rust projects, and it can be run as a stand-alone shell.
Multiple vulnerabilities have been discovered in Spidermonkey. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Spidermonkey users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/spidermonkey-128.9.0"
CVE-2024-11692
CVE-2024-11694
CVE-2024-11695
CVE-2024-11696
CVE-2024-11697
CVE-2024-11699
CVE-2024-11700
CVE-2024-11701
CVE-2024-11704
CVE-2024-11705
CVE-2024-11706
CVE-2024-11708
CVE-2025-0237
CVE-2025-0238
CVE-2025-0239
CVE-2025-0240
CVE-2025-0241
CVE-2025-0242
CVE-2025-0243
CVE-2025-3028
CVE-2025-3029
CVE-2025-3030
CVE-2025-3031
CVE-2025-3032
CVE-2025-3034
MFSA2024-63
MFSA2024-64
MFSA2024-65
MFSA2024-67
MFSA2024-68
MFSA2025-01
MFSA2025-02
MFSA2025-05
MFSA2025-20
MFSA2025-22
MFSA2025-23
MFSA2025-24
graaff
sam