{"id":"RHSA-2026:27717","summary":"Red Hat Security Advisory: firefox security update","modified":"2026-06-30T10:46:52Z","published":"2026-06-22T10:06:37Z","upstream":["CVE-2026-12289","CVE-2026-12290","CVE-2026-12291","CVE-2026-12292","CVE-2026-12294","CVE-2026-12295","CVE-2026-12296","CVE-2026-12297","CVE-2026-12298","CVE-2026-12299","CVE-2026-12302","CVE-2026-12304","CVE-2026-12305","CVE-2026-12306","CVE-2026-12307","CVE-2026-12308","CVE-2026-12309","CVE-2026-12310","CVE-2026-12311","CVE-2026-12312","CVE-2026-12313","CVE-2026-12314","CVE-2026-12315","CVE-2026-12324","CVE-2026-12325","CVE-2026-12327","CVE-2026-12328","CVE-2026-12329","CVE-2026-12330"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:27717"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489207"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489208"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489209"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489210"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489211"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489212"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489214"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489215"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489217"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489218"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489220"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489221"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489223"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489224"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489225"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489226"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489229"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489231"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489232"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489233"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489234"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489235"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489236"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489237"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489239"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489240"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489243"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489244"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489248"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_27717.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12289"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12289"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12289"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12289"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12289"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12290"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12290"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12290"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12290"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12290"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12291"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12291"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12291"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12291"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12291"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12292"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12292"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12292"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12292"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12292"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12294"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12294"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12294"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12294"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12294"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12295"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12295"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12295"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12295"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12295"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12296"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12296"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12296"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12296"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12296"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12297"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12297"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12297"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12297"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12297"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12298"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12298"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12298"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12298"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12298"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12299"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12299"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12299"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12299"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12299"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12302"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12302"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12302"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12302"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12302"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12304"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12304"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12304"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12304"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12304"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12305"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12305"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12305"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12305"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12305"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12306"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12306"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12306"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12306"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12306"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12307"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12307"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12307"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12307"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12307"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12308"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12308"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12308"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12308"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12308"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12309"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12309"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12309"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12309"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12309"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12310"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12310"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12310"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12310"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12310"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12311"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12311"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12311"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12311"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12311"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12312"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12312"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12312"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12312"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12312"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12313"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12313"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12313"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12313"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12313"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12314"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12314"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12314"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12314"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12314"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12315"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12315"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12315"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12315"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12315"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12324"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12324"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12324"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12324"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12324"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12325"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12325"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12325"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12325"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12325"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12327"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12327"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12327"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12327"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12327"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12328"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12328"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12328"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12328"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12328"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12329"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12329"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12329"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12329"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12329"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-12330"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-12330"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-12330"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-58/#CVE-2026-12330"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-61/#CVE-2026-12330"}],"affected":[{"package":{"name":"firefox","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/firefox"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.12.0-1.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:27717.json"}},{"package":{"name":"firefox-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/firefox-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.12.0-1.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:27717.json"}},{"package":{"name":"firefox-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/firefox-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.12.0-1.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:27717.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}