firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume th...

CVE-2026-6761 vulnerabilities

Vulnerabilities for packages: firefox-esr...

GHSA-99HH-XP2Q-F3FC vulnerabilities

Vulnerabilities for packages: firefox-esr...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corrupti...

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of...

CVE-2026-4700

Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corrupti...

CVE-2026-2793

Memory safety bugs in Firefox and Thunderbird components were identified in multiple versions and have been fixed in newer releases. Affected: Firefox ESR 115.32 and Firefox 115.x ESR-based releases; Firefox ESR 140.7 and Thunderbird ESR 140.7; Firefox 147 and Thunderbird 147. Some bugs showed ev...

CVE-2026-2770

This CVE is a Use-after-free in the DOM: Bindings (WebIDL) component, affecting Firefox versions prior to 148, Firefox ESR prior to 115.33, and Firefox ESR prior to 140.8. The issue is described as a use-after-free in the DOM bindings (WebIDL) subsystem; no exploit details are provided, and the a...

Mozilla Firefox ESR < 140.8

The version of Firefox ESR installed on the remote Windows host is prior to 140.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-15 advisory. - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and...

CVE-2025-3035 vulnerabilities

Vulnerabilities for packages: firefox-esr...

Mozilla Firefox ESR < 52.0.1

The version of Firefox ESR installed on the remote Windows host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerability disables...

SUSE-SU-2025:3808-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. - CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance - CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures -...

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

...

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs are present in the following versions: Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141, a...

Mozilla Firefox ESR Security Update (mfsa_2025-66) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Linux Distros Unpatched Vulnerability : CVE-2025-8033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability was fixed in...

Linux Distros Unpatched Vulnerability : CVE-2019-17016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into...

CVE-2025-8036

Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

DEBIAN-CVE-2024-2616

To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to crash instead of attempt to continue. This vulnerability affects Firefox ESR 115.9 and Thunderbird 115.9...