VYPR

rpm package

almalinux/firefox-x11

pkg:rpm/almalinux/firefox-x11

Vulnerabilities (391)

  • CVE-2026-4711CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4710CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4709HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4708HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4707HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4706HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4705CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4704HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4702CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4701CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4700CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Mitigation bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4699HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4698CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4697HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4696CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Use-after-free in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4695HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4694HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4693HigMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4692CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4691CriMar 24, 2026
    affected < 140.9.0-1.el9_7.alma.1fixed 140.9.0-1.el9_7.alma.1

    Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Page 3 of 20