MGASA-2026-0013
- Source
- https://advisories.mageia.org/MGASA-2026-0013.html
- Import Source
- https://advisories.mageia.org/MGASA-2026-0013.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2026-0013
- Related
- Published
- 2026-01-20T03:25:41Z
- Modified
- 2026-02-04T02:19:31.163573Z
- Summary
- Updated nss & firefox packages fix security vulnerabilities
- Details
-
Mitigation bypass in the DOM: Security component. (CVE-2026-0877) Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. (CVE-2026-0878) Sandbox escape due to incorrect boundary conditions in the Graphics component. (CVE-2026-0879) Sandbox escape due to integer overflow in the Graphics component. (CVE-2026-0880) Use-after-free in the IPC component. (CVE-2026-0882) Spoofing issue in the Downloads Panel component. (CVE-2025-14327) Information disclosure in the Networking component. (CVE-2026-0883) Use-after-free in the JavaScript Engine component. (CVE-2026-0884) Use-after-free in the JavaScript: GC component. (CVE-2026-0885) Incorrect boundary conditions in the Graphics component. (CVE-2026-0886) Clickjacking issue, information disclosure in the PDF Viewer component. (CVE-2026-0887) Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. (CVE-2026-0890) Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. (CVE-2026-0891)
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:9 / nss
Package
- Name
- nss
- Purl
- pkg:rpm/mageia/nss?arch=source&distro=mageia-9
Mageia:9 / firefox
Package
- Name
- firefox
- Purl
- pkg:rpm/mageia/firefox?arch=source&distro=mageia-9
Mageia:9 / firefox-l10n
Package
- Name
- firefox-l10n
- Purl
- pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-9