Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2026-2776

Опубликовано: 24 фев. 2026
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10rhel10/firefox-flatpakAffected
Red Hat Enterprise Linux 10rhel10/thunderbird-flatpakAffected
Red Hat Enterprise Linux 6firefoxOut of support scope
Red Hat Enterprise Linux 6thunderbirdOut of support scope
Red Hat Enterprise Linux 7thunderbirdOut of support scope
Red Hat Enterprise Linux 10firefoxFixedRHSA-2026:336125.02.2026
Red Hat Enterprise Linux 10thunderbirdFixedRHSA-2026:351702.03.2026
Red Hat Enterprise Linux 10.0 Extended Update SupportfirefoxFixedRHSA-2026:397609.03.2026
Red Hat Enterprise Linux 10.0 Extended Update SupportthunderbirdFixedRHSA-2026:426011.03.2026
Red Hat Enterprise Linux 7 Extended Lifecycle SupportfirefoxFixedRHSA-2026:398409.03.2026

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=2442291firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software

EPSS

Процентиль: 22%
0.00071
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2026-2776

CVSS3: 10
ubuntu
30 дней назад

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

nvd логотип

CVE-2026-2776

CVSS3: 10
nvd
30 дней назад

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

debian логотип

CVE-2026-2776

CVSS3: 10
debian
30 дней назад

Sandbox escape due to incorrect boundary conditions in the Telemetry c ...

github логотип

GHSA-v33x-35cm-8gjc

CVSS3: 10
github
30 дней назад

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.

suse-cvrf логотип

openSUSE-SU-2026:20365-1

suse-cvrf
10 дней назад

Security update for MozillaFirefox

EPSS

Процентиль: 22%
0.00071
Низкий

7.5 High

CVSS3