{"id":"MGASA-2026-0165","summary":"Updated nspr, nss and firefox(-l10n) packages fix security issues","details":"The updated packages fix security vulnerabilities:\nIncorrect boundary conditions in the Audio/Video: Web Codecs component.\n(CVE-2026-8946)\nIncorrect boundary conditions in the JavaScript Engine: JIT component.\n(CVE-2026-8388)\nUse-after-free in the DOM: Bindings (WebIDL) component. (CVE-2026-8947)\nOther issue in the JavaScript Engine component. (CVE-2026-8391)\nSandbox escape in the Profile Backup component. (CVE-2026-8401)\nSame-origin policy bypass in the Networking: HTTP component.\n(CVE-2026-8950)\nSandbox escape due to use-after-free in the Disability Access APIs\ncomponent. (CVE-2026-8953)\nIncorrect boundary conditions, integer overflow in the Audio/Video\ncomponent. (CVE-2026-8954)\nPrivilege escalation in the DOM: Workers component. (CVE-2026-8955)\nInteger overflow in the Networking: JAR component. (CVE-2026-8956)\nPrivilege escalation in the Enterprise Policies component.\n(CVE-2026-8957)\nInformation disclosure, sandbox escape in the Security: Process\nSandboxing component. (CVE-2026-8958)\nSpoofing issue in the Form Autofill component. (CVE-2026-8961)\nMitigation bypass in the DOM: Security component. (CVE-2026-8962)\nDenial-of-service due to invalid pointer in the Audio/Video: Web Codecs\ncomponent. (CVE-2026-8968)\nPrivilege escalation in the Security component. (CVE-2026-8970)\nMemory safety bugs fixed in Firefox ESR 140.11 and Firefox 151.\n(CVE-2026-8974)\nMemory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and\nFirefox 151. (CVE-2026-8975)\n","modified":"2026-05-29T05:15:04.594214320Z","published":"2026-05-29T05:12:50Z","upstream":["CVE-2026-8388","CVE-2026-8391","CVE-2026-8401","CVE-2026-8946","CVE-2026-8947","CVE-2026-8950","CVE-2026-8953","CVE-2026-8954","CVE-2026-8955","CVE-2026-8956","CVE-2026-8957","CVE-2026-8958","CVE-2026-8961","CVE-2026-8962","CVE-2026-8968","CVE-2026-8970","CVE-2026-8974","CVE-2026-8975"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2026-0165.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=35555"},{"type":"WEB","url":"https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/S3z0rOO1xpg"},{"type":"WEB","url":"https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_124.html"},{"type":"WEB","url":"https://www.firefox.com/en-US/firefox/140.11.0/releasenotes/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/"}],"affected":[{"package":{"name":"nspr","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/nspr?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.39.0-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0165.json"}},{"package":{"name":"nss","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/nss?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.124.0-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0165.json"}},{"package":{"name":"firefox","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"140.11.0-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0165.json"}},{"package":{"name":"firefox-l10n","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"140.11.0-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0165.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}