[Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2026-17
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 26 22:20:24 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9ee5b1c1 by Salvatore Bonaccorso at 2026-02-26T23:19:48+01:00
Add thunderbird issues from mfsa2026-17
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1020,14 +1020,18 @@ CVE-2026-2793 (Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2793
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2793
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2793
CVE-2026-2792 (Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7 ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2792
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2792
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2792
CVE-2026-2807 (Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2807
@@ -1035,14 +1039,18 @@ CVE-2026-2791 (Mitigation bypass in the Networking: Cache component. This vulner
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2791
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2791
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2791
CVE-2026-2790 (Same-origin policy bypass in the Networking: JAR component. This vulne ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2790
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2790
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2790
CVE-2026-2806 (Uninitialized memory in the Graphics: Text component. This vulnerabili ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2806
@@ -1050,20 +1058,26 @@ CVE-2026-2789 (Use-after-free in the Graphics: ImageLib component. This vulnerab
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2789
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2789
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2789
CVE-2026-2788 (Incorrect boundary conditions in the Audio/Video: GMP component. This ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2788
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2788
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2788
CVE-2026-2787 (Use-after-free in the DOM: Window and Location component. This vulnera ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2787
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2787
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2787
CVE-2026-2805 (Invalid pointer in the DOM: Core & HTML component. This vulnerability ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2805
@@ -1071,8 +1085,10 @@ CVE-2026-2786 (Use-after-free in the JavaScript Engine component. This vulnerabi
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2786
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2786
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2786
CVE-2026-2804 (Use-after-free in the JavaScript: WebAssembly component. This vulnerab ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2804
@@ -1080,14 +1096,18 @@ CVE-2026-2785 (Invalid pointer in the JavaScript Engine component. This vulnerab
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2785
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2785
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2785
CVE-2026-2784 (Mitigation bypass in the DOM: Security component. This vulnerability a ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2784
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2784
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2784
CVE-2026-2803 (Information disclosure, mitigation bypass in the Settings UI component ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2803
@@ -1098,14 +1118,18 @@ CVE-2026-2783 (Information disclosure due to JIT miscompilation in the JavaScrip
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2783
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2783
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2783
CVE-2026-2782 (Privilege escalation in the Netmonitor component. This vulnerability a ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2782
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2782
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2782
CVE-2026-2801 (Incorrect boundary conditions in the JavaScript: WebAssembly component ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2801
@@ -1113,17 +1137,21 @@ CVE-2026-2781 (Integer overflow in the Libraries component in NSS. This vulnerab
{DSA-6149-1 DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
- nss 2:3.121-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2781
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2781
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2781
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=2009552 (private)
NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/245385e16fa6
CVE-2026-2780 (Privilege escalation in the Netmonitor component. This vulnerability a ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2780
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2780
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2780
CVE-2026-2800 (Spoofing issue in the WebAuthn component in Firefox for Android. This ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2800
@@ -1131,61 +1159,81 @@ CVE-2026-2779 (Incorrect boundary conditions in the Networking: JAR component. T
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2779
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2779
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2779
CVE-2026-2778 (Sandbox escape due to incorrect boundary conditions in the DOM: Core & ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2778
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2778
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2778
CVE-2026-2777 (Privilege escalation in the Messaging System component. This vulnerabi ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2777
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2777
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2777
CVE-2026-2776 (Sandbox escape due to incorrect boundary conditions in the Telemetry c ...)
- firefox <unfixed>
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2776
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2776
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2776
CVE-2026-2775 (Mitigation bypass in the DOM: HTML Parser component. This vulnerabilit ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2775
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2775
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2775
CVE-2026-2774 (Integer overflow in the Audio/Video component. This vulnerability affe ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2774
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2774
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2774
CVE-2026-2773 (Incorrect boundary conditions in the Web Audio component. This vulnera ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2773
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2773
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2773
CVE-2026-2772 (Use-after-free in the Audio/Video: Playback component. This vulnerabil ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2772
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2772
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2772
CVE-2026-2771 (Undefined behavior in the DOM: Core & HTML component. This vulnerabili ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2771
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2771
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2771
CVE-2026-2770 (Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerabi ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2770
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2770
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2770
CVE-2026-2799 (Use-after-free in the DOM: Core & HTML component. This vulnerability a ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2799
@@ -1193,8 +1241,10 @@ CVE-2026-2769 (Use-after-free in the Storage: IndexedDB component. This vulnerab
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2769
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2769
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2769
CVE-2026-2798 (Use-after-free in the DOM: Core & HTML component. This vulnerability a ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2798
@@ -1202,26 +1252,34 @@ CVE-2026-2768 (Sandbox escape in the Storage: IndexedDB component. This vulnerab
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2768
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2768
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2768
CVE-2026-2767 (Use-after-free in the JavaScript: WebAssembly component. This vulnerab ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2767
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2767
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2767
CVE-2026-2766 (Use-after-free in the JavaScript Engine: JIT component. This vulnerabi ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2766
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2766
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2766
CVE-2026-2765 (Use-after-free in the JavaScript Engine component. This vulnerability ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2765
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2765
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2765
CVE-2026-2797 (Use-after-free in the JavaScript: GC component. This vulnerability aff ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2797
@@ -1232,32 +1290,42 @@ CVE-2026-2764 (JIT miscompilation, use-after-free in the JavaScript Engine: JIT
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2764
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2764
CVE-2026-2763 (Use-after-free in the JavaScript Engine component. This vulnerability ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2763
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2763
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2763
CVE-2026-2762 (Integer overflow in the JavaScript: Standard Library component. This v ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2762
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2762
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2762
CVE-2026-2761 (Sandbox escape in the Graphics: WebRender component. This vulnerabilit ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2761
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2761
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2761
CVE-2026-2760 (Sandbox escape due to incorrect boundary conditions in the Graphics: W ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - tunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2760
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2760
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2760
CVE-2026-2795 (Use-after-free in the JavaScript: GC component. This vulnerability aff ...)
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2795
@@ -1265,14 +1333,18 @@ CVE-2026-2759 (Incorrect boundary conditions in the Graphics: ImageLib component
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2759
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2759
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2759
CVE-2026-2758 (Use-after-free in the JavaScript: GC component. This vulnerability aff ...)
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2758
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2758
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2758
CVE-2026-2794 (Information disclosure due to uninitialized memory in Firefox and Fire ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2794
@@ -1280,8 +1352,10 @@ CVE-2026-2757 (Incorrect boundary conditions in the WebRTC: Audio/Video componen
{DSA-6148-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2757
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2757
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2757
CVE-2026-3091 (An uncontrolled search path element vulnerability in Synology Presto C ...)
NOT-FOR-US: Synology
CVE-2026-3075 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ee5b1c122b6e8a917f9c266ec805cfd4d7e228a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ee5b1c122b6e8a917f9c266ec805cfd4d7e228a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260226/d97e84fd/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list