CVE-2026-0885 Use-after-free in the JavaScript: GC component

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

FreeBSD : Firefox -- Incorrect boundary conditions (af9c5b99-b808-11f0-8016-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the af9c5b99-b808-11f0-8016-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=1979502 reports: Incorrect boundary conditions in the...

FreeBSD : Mozilla -- Incorrect boundary conditions (f60c790a-a394-11f0-9617-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f60c790a-a394-11f0-9617-b42e991fc52e advisory. [email protected] reports: The vulnerability has been assessed to have moderate impact on affected...

firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript...

RLSA-2025:16260 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.3 bsc1249391. Security issues fixed: MFSA 2025-78 CVE-2025-10527: sandbox escape due to use-after-free in the Graphics: Canvas2D component. CVE-2025-10528: sandbox escape due to undefined behavior,...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2025:03291-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03291-1 advisory. Firefox Extended Support Release 140.3.0 ESR bsc1249391. MFSA 2025-75: CVE-2025-10527 bmo198482...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component CVE-2025-10532 firefox:...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...

KLA88011 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability i...

Mozilla -- Incorrect boundary conditions

[email protected] reports: The vulnerability has been assessed to have moderate impact on affected systems, potentially allowing attackers to exploit incorrect boundary conditions in the JavaScript Garbage Collection component. In Thunderbird specifically, these flaws cannot be exploited throu...

mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions

The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update ...

mozilla: Use-after-free in JavaScript garbage collection

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free...

mozilla: Use-after-free in JavaScript garbage collection

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free...

ALSA-2024:5391 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shar...

ALSA-2024:5402 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shared memory handling CVE-2024-7519 mozilla: Type...

mozilla: Use-after-free in JavaScript garbage collection

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free...

mozilla: Use-after-free in JavaScript garbage collection

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free...