10 matches found
Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-050 (ALASFIREFOX-2026-050)
The version of firefox installed on the remote host is prior to 140.7.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-050 advisory. Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox 146. CVE-2025-14327 Mitigation...
firefox: thunderbird: Mitigation bypass in the DOM: Security component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...
firefox: thunderbird: Information disclosure in the Networking component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Networking component...
firefox: thunderbird: Use-after-free in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...
CVE-2026-0890
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
CVE-2026-0882
Use-after-free in the IPC component. This vulnerability affects Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
CVE-2026-0882
Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
CVE-2026-0887
CVE-2026-0887: Clickjacking information disclosure in the PDF Viewer component. Affected products per the CVE entry include Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird
CVE-2026-0882
CVE-2026-0882 : Use-after-free in the IPC component exposed in Firefox < 147, Firefox ESR < 115.32 and < 140.7, Thunderbird < 147 and
CVE-2026-0880
Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...