{ "schema_version": "1.7.0", "id": "MGASA-2026-0165", "published": "2026-05-29T05:12:50Z", "modified": "2026-05-29T04:23:34Z", "summary": "Updated nspr, nss and firefox(-l10n) packages fix security issues", "details": "The updated packages fix security vulnerabilities:\nIncorrect boundary conditions in the Audio/Video: Web Codecs component.\n(CVE-2026-8946)\nIncorrect boundary conditions in the JavaScript Engine: JIT component.\n(CVE-2026-8388)\nUse-after-free in the DOM: Bindings (WebIDL) component. (CVE-2026-8947)\nOther issue in the JavaScript Engine component. (CVE-2026-8391)\nSandbox escape in the Profile Backup component. (CVE-2026-8401)\nSame-origin policy bypass in the Networking: HTTP component.\n(CVE-2026-8950)\nSandbox escape due to use-after-free in the Disability Access APIs\ncomponent. (CVE-2026-8953)\nIncorrect boundary conditions, integer overflow in the Audio/Video\ncomponent. (CVE-2026-8954)\nPrivilege escalation in the DOM: Workers component. (CVE-2026-8955)\nInteger overflow in the Networking: JAR component. (CVE-2026-8956)\nPrivilege escalation in the Enterprise Policies component.\n(CVE-2026-8957)\nInformation disclosure, sandbox escape in the Security: Process\nSandboxing component. (CVE-2026-8958)\nSpoofing issue in the Form Autofill component. (CVE-2026-8961)\nMitigation bypass in the DOM: Security component. (CVE-2026-8962)\nDenial-of-service due to invalid pointer in the Audio/Video: Web Codecs\ncomponent. (CVE-2026-8968)\nPrivilege escalation in the Security component. (CVE-2026-8970)\nMemory safety bugs fixed in Firefox ESR 140.11 and Firefox 151.\n(CVE-2026-8974)\nMemory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and\nFirefox 151. (CVE-2026-8975)\n", "upstream": [ "CVE-2026-8388", "CVE-2026-8391", "CVE-2026-8401", "CVE-2026-8946", "CVE-2026-8947", "CVE-2026-8950", "CVE-2026-8953", "CVE-2026-8954", "CVE-2026-8955", "CVE-2026-8956", "CVE-2026-8957", "CVE-2026-8958", "CVE-2026-8961", "CVE-2026-8962", "CVE-2026-8968", "CVE-2026-8970", "CVE-2026-8974", "CVE-2026-8975" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2026-0165.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=35555" }, { "type": "WEB", "url": "https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/S3z0rOO1xpg" }, { "type": "WEB", "url": "https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_124.html" }, { "type": "WEB", "url": "https://www.firefox.com/en-US/firefox/140.11.0/releasenotes/" }, { "type": "ADVISORY", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/" } ], "affected": [ { "package": { "ecosystem": "Mageia:9", "name": "nspr", "purl": "pkg:rpm/mageia/nspr?arch=source&distro=mageia-9" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "4.39.0-1.mga9" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:9", "name": "nss", "purl": "pkg:rpm/mageia/nss?arch=source&distro=mageia-9" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "3.124.0-1.mga9" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:9", "name": "firefox", "purl": "pkg:rpm/mageia/firefox?arch=source&distro=mageia-9" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "140.11.0-1.mga9" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:9", "name": "firefox-l10n", "purl": "pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-9" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "140.11.0-1.mga9" } ] } ], "ecosystem_specific": { "section": "core" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }