CVE-2026-2758

Опубликовано: 24 фев. 2026

Источник: redhat

CVSS3: 7.5

Описание

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: GC component

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 10	rhel10/firefox-flatpak	Affected
Red Hat Enterprise Linux 10	rhel10/thunderbird-flatpak	Affected
Red Hat Enterprise Linux 6	firefox	Out of support scope
Red Hat Enterprise Linux 6	thunderbird	Out of support scope
Red Hat Enterprise Linux 7	thunderbird	Out of support scope
Red Hat Enterprise Linux 10	firefox	Fixed	RHSA-2026:3361	25.02.2026
Red Hat Enterprise Linux 10	thunderbird	Fixed	RHSA-2026:3517	02.03.2026
Red Hat Enterprise Linux 10.0 Extended Update Support	firefox	Fixed	RHSA-2026:3976	09.03.2026
Red Hat Enterprise Linux 10.0 Extended Update Support	thunderbird	Fixed	RHSA-2026:4260	11.03.2026
Red Hat Enterprise Linux 7 Extended Lifecycle Support	firefox	Fixed	RHSA-2026:3984	09.03.2026

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

https://bugzilla.redhat.com/show_bug.cgi?id=2442337firefox: thunderbird: Use-after-free in the JavaScript: GC component

7.5 High

CVSS3

Связанные уязвимости

CVE-2026-2758

CVSS3: 9.8

ubuntu

30 дней назад

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

CVE-2026-2758

CVSS3: 9.8

nvd

30 дней назад

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.