CVE-2026-4725

Опубликовано: 24 мар. 2026

Источник: redhat

CVSS3: 6.1

EPSS Низкий

Описание

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Graphics: Canvas2D component

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	firefox	Not affected
Red Hat Enterprise Linux 10	rhel10/firefox-flatpak	Not affected
Red Hat Enterprise Linux 6	firefox	Not affected
Red Hat Enterprise Linux 7	firefox	Not affected
Red Hat Enterprise Linux 8	firefox	Not affected
Red Hat Enterprise Linux 9	firefox	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-825

https://bugzilla.redhat.com/show_bug.cgi?id=2450716firefox: Sandbox escape due to use-after-free in the Graphics: Canvas2D component

EPSS

Процентиль: 2%

0.00012

Низкий

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2026-4725

CVSS3: 10

ubuntu

16 дней назад

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

CVE-2026-4725

CVSS3: 10

nvd

16 дней назад

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

CVE-2026-4725

CVSS3: 10

debian

16 дней назад

Sandbox escape due to use-after-free in the Graphics: Canvas2D compone ...

GHSA-px39-2r97-x6x6

CVSS3: 10

github

16 дней назад

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149.

EPSS

Процентиль: 2%

0.00012

Низкий

6.1 Medium

CVSS3