PT-2026-27399 · Mozilla · Firefox+2

Pizzahunthack1

·

Publicado

2026-01-01

·

Atualizado

2026-04-17

·

CVE-2026-4700

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9
Description A mitigation bypass exists in the Networking: HTTP component. This issue could allow bypassing existing security measures.
Recommendations Update Firefox to version 149 or later. Update Firefox ESR to version 140.9 or later. Update Thunderbird to version 149 or later. Update Thunderbird to version 140.9 or later.

Correção

Authentication Bypass Using an Alternate Path or Channel

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-288

Identificadores relacionados

ALSA-2026:5930
ALSA-2026:5931
ALSA-2026:5932
ALSA-2026:6188
ALSA-2026:6342
ALSA-2026:6917
CVE-2026-4700
MGASA-2026-0080
MGASA-2026-0081
OESA-2026-1705
OESA-2026-1706
OESA-2026-1707
OESA-2026-1708
OESA-2026-1709
OESA-2026-1993
OESA-2026-1994
OPENSUSE-SU-2026:10413-1
OPENSUSE-SU-2026:10447-1
OPENSUSE-SU-2026:10458-1
OPENSUSE-SU-2026:20439-1
RHSA-2026:5930
RHSA-2026:5931
RHSA-2026:5932
RHSA-2026:6188
RHSA-2026:6342
RHSA-2026:6917
RHSA-2026:7837
RHSA-2026:7838
RHSA-2026:7839
RHSA-2026:7840
RHSA-2026:7841
RHSA-2026:7842
RHSA-2026:7843
RHSA-2026:7845
RHSA-2026:7858
RHSA-2026:8284
RHSA-2026:8285
RHSA-2026:8286
RHSA-2026:8287
RHSA-2026:8288
RHSA-2026:8289
RHSA-2026:8290
RHSA-2026:8315
RHSA-2026:8427
RHSA-2026:8850
SUSE-SU-2026:1126-1
SUSE-SU-2026:1127-1
SUSE-SU-2026:1163-1
SUSE-SU-2026:20978-1

Produtos afetados

Firefox
Firefox Esr
Thunderbird