PT-2026-21693 · Mozilla · Firefox+2

Oskar L

·

Publicado

2026-01-01

·

Atualizado

2026-03-18

·

CVE-2026-2760

CVSS v3.1

10

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8
Description A sandbox escape is possible due to incorrect boundary conditions within the Graphics: WebRender component. This issue could allow an attacker to bypass security restrictions.
Recommendations Update Firefox to version 148 or later. Update Firefox ESR to version 115.33 or later. Update Firefox ESR to version 140.8 or later. Update Thunderbird to version 148 or later. Update Thunderbird to version 140.8 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-1384

Identificadores relacionados

ALSA-2026:3338
ALSA-2026:3339
ALSA-2026:3361
ALSA-2026:3515
ALSA-2026:3516
ALSA-2026:3517
CVE-2026-2760
MGASA-2026-0052
MGASA-2026-0053
OESA-2026-1471
OESA-2026-1472
OESA-2026-1473
OESA-2026-1474
OESA-2026-1539
OESA-2026-1540
OPENSUSE-SU-2026:10242-1
OPENSUSE-SU-2026:10248-1
OPENSUSE-SU-2026:10257-1
OPENSUSE-SU-2026:20365-1
OPENSUSE-SU-2026:20391-1
RHSA-2026:3338
RHSA-2026:3339
RHSA-2026:3361
RHSA-2026:3491
RHSA-2026:3492
RHSA-2026:3493
RHSA-2026:3494
RHSA-2026:3495
RHSA-2026:3496
RHSA-2026:3497
RHSA-2026:3515
RHSA-2026:3516
RHSA-2026:3517
RHSA-2026:3976
RHSA-2026:3978
RHSA-2026:3979
RHSA-2026:3980
RHSA-2026:3981
RHSA-2026:3982
RHSA-2026:3983
RHSA-2026:3984
RHSA-2026:4022
RHSA-2026:4152
RHSA-2026:4260
RHSA-2026:4432
SUSE-SU-2026:0812-1
SUSE-SU-2026:0871-1
SUSE-SU-2026:0880-1

Produtos afetados

Firefox
Firefox Esr
Thunderbird