{"id":"ALSA-2026:10767","summary":"Important: firefox security update","details":"Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  \n\nSecurity Fix(es):  \n\n  * firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS (CVE-2026-6772)\n  * firefox: thunderbird: Use-after-free in the JavaScript Engine component (CVE-2026-6754)\n  * firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component (CVE-2026-6762)\n  * firefox: thunderbird: Incorrect boundary conditions in the WebRTC component (CVE-2026-6752)\n  * firefox: thunderbird: Other issue in the Storage: IndexedDB component (CVE-2026-6770)\n  * firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component (CVE-2026-6757)\n  * firefox: thunderbird: Other issue in the Libraries component in NSS (CVE-2026-6767)\n  * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150 (CVE-2026-6786)\n  * firefox: thunderbird: Incorrect boundary conditions in the WebRTC component (CVE-2026-6753)\n  * firefox: thunderbird: Use-after-free in the Widget: Cocoa component (CVE-2026-6759)\n  * firefox: thunderbird: Use-after-free in the WebRTC component (CVE-2026-6747)\n  * firefox: thunderbird: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component (CVE-2026-6749)\n  * firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS (CVE-2026-6766)\n  * firefox: thunderbird: Privilege escalation in the Networking component (CVE-2026-6761)\n  * firefox: thunderbird: Mitigation bypass in the File Handling component (CVE-2026-6763)\n  * firefox: thunderbird: Privilege escalation in the Graphics: WebRender component (CVE-2026-6750)\n  * firefox: thunderbird: Uninitialized memory in the Audio/Video: Web Codecs component (CVE-2026-6748)\n  * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150 (CVE-2026-6785)\n  * firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-6771)\n  * firefox: thunderbird: Incorrect boundary conditions in the DOM: Device Interfaces component (CVE-2026-6764)\n  * firefox: thunderbird: Information disclosure in the Form Autofill component (CVE-2026-6765)\n  * firefox: thunderbird: Privilege escalation in the Debugger component (CVE-2026-6769)\n  * firefox: thunderbird: Uninitialized memory in the Audio/Video: Web Codecs component (CVE-2026-6751)\n  * firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Networking component (CVE-2026-6776)\n  * firefox: thunderbird: Use-after-free in the DOM: Core & HTML component (CVE-2026-6746)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n","modified":"2026-04-30T14:44:33.764904378Z","published":"2026-04-27T00:00:00Z","related":["CVE-2026-6746","CVE-2026-6747","CVE-2026-6748","CVE-2026-6749","CVE-2026-6750","CVE-2026-6751","CVE-2026-6752","CVE-2026-6753","CVE-2026-6754","CVE-2026-6757","CVE-2026-6759","CVE-2026-6761","CVE-2026-6762","CVE-2026-6763","CVE-2026-6764","CVE-2026-6765","CVE-2026-6766","CVE-2026-6767","CVE-2026-6769","CVE-2026-6770","CVE-2026-6771","CVE-2026-6772","CVE-2026-6776","CVE-2026-6785","CVE-2026-6786"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6746"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6747"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6748"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6749"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6750"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6751"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6752"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6753"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6754"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6757"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6759"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6761"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6762"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6763"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6764"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6765"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6766"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6767"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6769"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6770"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6771"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6772"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6776"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6785"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6786"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460074"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460075"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460076"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460078"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460079"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460085"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460086"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460088"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460092"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460094"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460095"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460096"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460097"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460099"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460102"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460103"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460104"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460105"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460106"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460107"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460108"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460109"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460110"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460112"},{"type":"ADVISORY","url":"https://errata.almalinux.org/10/ALSA-2026-10767.html"}],"affected":[{"package":{"name":"firefox","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/firefox"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"140.10.0-1.el10_1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:10767.json"}}],"schema_version":"1.7.5"}