Red Hat Security Advisory: firefox security update
🔗 CVE IDs covered (37)
📋 Description
CVE-2026-4684 — firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component CVE-2026-4685 — firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4686 — firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4687 — firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component CVE-2026-4688 — firefox: thunderbird: Sandbox escape due to use-after-free in the Disability Access APIs component CVE-2026-4689 — firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component CVE-2026-4690 — firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component CVE-2026-4691 — firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component CVE-2026-4692 — firefox: thunderbird: Sandbox escape in the Responsive Design Mode component CVE-2026-4693 — firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Playback component CVE-2026-4694 — firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component CVE-2026-4695 — firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component CVE-2026-4696 — firefox: thunderbird: Use-after-free in the Layout: Text and Fonts component CVE-2026-4697 — firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component CVE-2026-4698 — firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component CVE-2026-4699 — firefox: thunderbird: Incorrect boundary conditions in the Layout: Text and Fonts component CVE-2026-4700 — firefox: thunderbird: Mitigation bypass in the Networking: HTTP component CVE-2026-4701 — firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4702 — firefox: thunderbird: JIT miscompilation in the JavaScript Engine component CVE-2026-4704 — firefox: thunderbird: Denial-of-service in the WebRTC: Signaling component CVE-2026-4705 — firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component CVE-2026-4706 — firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4707 — firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4708 — firefox: thunderbird: Incorrect boundary conditions in the Graphics component CVE-2026-4709 — firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component CVE-2026-4710 — firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component CVE-2026-4711 — firefox: thunderbird: Use-after-free in the Widget: Cocoa component CVE-2026-4712 — firefox: thunderbird: Information disclosure in the Widget: Cocoa component CVE-2026-4713 — firefox: thunderbird: Incorrect boundary conditions in the Graphics component CVE-2026-4714 — firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component CVE-2026-4715 — firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component CVE-2026-4716 — firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component CVE-2026-4717 — firefox: thunderbird: Privilege escalation in the Netmonitor component CVE-2026-4718 — firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component CVE-2026-4719 — firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component CVE-2026-4720 — firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 CVE-2026-4721 — firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149
🔗 References (40)
- selfhttps://access.redhat.com/errata/RHSA-2026:8427
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450710
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450711
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450712
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450713
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450714
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450715
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450718
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450719
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450720
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450721
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450722
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450723
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450724
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450725
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450726
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450727
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450728
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450729
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450730
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450732
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450733
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450734
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450735
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450738
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450739
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450740
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450741
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450742
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450744
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450746
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450747
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450748
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450751
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450752
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450755
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450756
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450757
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8427.json