MGASA-2026-0014
- Source
- https://advisories.mageia.org/MGASA-2026-0014.html
- Import Source
- https://advisories.mageia.org/MGASA-2026-0014.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2026-0014
- Related
- Published
- 2026-01-20T03:25:41Z
- Modified
- 2026-02-04T02:21:31.039268Z
- Summary
- Updated thunderbird packages fix security vulnerabilities
- Details
-
Mitigation bypass in the DOM: Security component. (CVE-2026-0877) Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. (CVE-2026-0878) Sandbox escape due to incorrect boundary conditions in the Graphics component. (CVE-2026-0879) Sandbox escape due to integer overflow in the Graphics component. (CVE-2026-0880) Use-after-free in the IPC component. (CVE-2026-0882) Spoofing issue in the Downloads Panel component. (CVE-2025-14327) Information disclosure in the Networking component. (CVE-2026-0883) Use-after-free in the JavaScript Engine component. (CVE-2026-0884) Use-after-free in the JavaScript: GC component. (CVE-2026-0885) Incorrect boundary conditions in the Graphics component. (CVE-2026-0886) Clickjacking issue, information disclosure in the PDF Viewer component. (CVE-2026-0887) Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. (CVE-2026-0890) Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. (CVE-2026-0891)
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:9 / thunderbird
Package
- Name
- thunderbird
- Purl
- pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-9
Mageia:9 / thunderbird-l10n
Package
- Name
- thunderbird-l10n
- Purl
- pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-9