[Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2026-20
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 24 19:06:31 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
40e7044b by Salvatore Bonaccorso at 2026-03-24T20:03:17+01:00
Add new firefox issues from mfsa2026-20
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,138 @@
+CVE-2026-4721
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4721
+CVE-2026-4729
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4729
+CVE-2026-4720
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4720
+CVE-2026-4719
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4719
+CVE-2026-4718
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4718
+CVE-2026-4728
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4728
+CVE-2026-4727
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4727
+CVE-2026-4726
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4726
+CVE-2026-4717
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4717
+CVE-2026-4716
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4716
+CVE-2026-4715
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4715
+CVE-2026-4714
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4714
+CVE-2026-4713
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4713
+CVE-2026-4712
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4712
+CVE-2026-4725
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4725
+CVE-2026-4711
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4711
+CVE-2026-4710
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4710
+CVE-2026-4709
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4709
+CVE-2026-4708
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4708
+CVE-2026-4707
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4707
+CVE-2026-4706
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4706
+CVE-2026-4705
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4705
+CVE-2026-4704
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4704
+CVE-2026-4724
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4724
+CVE-2026-4723
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4723
+CVE-2026-4702
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4702
+CVE-2026-4722
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4722
+CVE-2026-4701
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4701
+CVE-2026-4700
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4700
+CVE-2026-4699
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4699
+CVE-2026-4698
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4698
+CVE-2026-4697
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4697
+CVE-2026-4696
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4696
+CVE-2026-4695
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4695
+CVE-2026-4694
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4694
+CVE-2026-4693
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4693
+CVE-2026-4692
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4692
+CVE-2026-4691
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4691
+CVE-2026-4690
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4690
+CVE-2026-4689
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4689
+CVE-2026-4688
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4688
+CVE-2026-4687
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4687
+CVE-2026-4686
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4686
+CVE-2026-4685
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4685
+CVE-2026-4684
+ - firefox <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2026-4684
CVE-2026-4756 (Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick ...)
NOT-FOR-US: Android-ImageMagick7 (not associating it with src:imagemagick)
CVE-2026-4755 (CWE-20 vulnerability in MolotovCherry Android-ImageMagick7.This issue ...)
@@ -76427,6 +76562,7 @@ CVE-2025-59378 (In guix-daemon in GNU Guix before 1618ca7, a content-addressed-m
NOTE: Fixed by: https://codeberg.org/guix/guix/commit/f607aaaaaafe19257ef09ca519d325df6ae97e05
NOTE: Fixed by: https://codeberg.org/guix/guix/commit/9202921e812708b23788b2209cdb576d456f56db
CVE-2025-59375 (libexpat in Expat before 2.7.2 allows attackers to trigger large dynam ...)
+ - firefox <unfixed>
- expat 2.7.2-1 (bug #1115298)
[trixie] - expat <no-dsa> (Minor issue)
[bookworm] - expat <ignored> (Minor issue)
@@ -76456,6 +76592,7 @@ CVE-2025-59375 (libexpat in Expat before 2.7.2 allows attackers to trigger large
NOTE: Follow-up: https://github.com/libexpat/libexpat/pull/1048 (R_2_7_3)
NOTE: Not a vulnerability per se, but rather a hardening and continuation of
NOTE: the billion laughs attack feature work (cf. CVE-2013-0340)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-20/#CVE-2025-59375
CVE-2025-59364 (The express-xss-sanitizer (aka Express XSS Sanitizer) package through ...)
NOT-FOR-US: Node express-xss-sanitizer
CVE-2025-41713 (During a short time frame while the device is booting an unauthenticat ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40e7044bf8a189f8f5cce87f53a340f2876681a7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40e7044bf8a189f8f5cce87f53a340f2876681a7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260324/a746e820/attachment.htm>
More information about the debian-security-tracker-commits
mailing list