rpm package
suse/MozillaFirefox&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS
Vulnerabilities (121)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-4713 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4712 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4711 | Cri | 9.8 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4710 | Cri | 9.8 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4709 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4708 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4707 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4706 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4705 | Cri | 9.8 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4704 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4702 | Cri | 9.8 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4701 | Cri | 9.8 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4700 | Cri | 9.8 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Mitigation bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4699 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4698 | Cri | 9.8 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4697 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4696 | Cri | 9.8 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Use-after-free in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4695 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4694 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4693 | Hig | 7.5 | < 140.9.0-150200.152.225.1 | 140.9.0-150200.152.225.1 | Mar 24, 2026 | Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Mitigation bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Use-after-free in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
- affected < 140.9.0-150200.152.225.1fixed 140.9.0-150200.152.225.1
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
Page 3 of 7