CVE-2026-2787

Опубликовано: 24 фев. 2026

Источник: debian

Описание

Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

Пакеты

Пакет	Статус	Версия исправления	Тип
firefox	fixed	148.0-1	package
firefox-esr	fixed	140.8.0esr-1	package
thunderbird	fixed	1:140.8.0esr-1	package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2787
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2787
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2787

Связанные уязвимости

CVE-2026-2787

CVSS3: 9.8

ubuntu

4 месяца назад

Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

CVE-2026-2787

CVSS3: 6.1

redhat

4 месяца назад

Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2787

CVSS3: 9.8

nvd

4 месяца назад

Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

GHSA-xchm-7954-5wvg

CVSS3: 9.8

github

4 месяца назад

Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.

openSUSE-SU-2026:20365-1

suse-cvrf

3 месяца назад

Security update for MozillaFirefox