ГлавнаяУязвимости → CVE-2026-2447
8.8высокая

CVE-2026-2447

Описание

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2.

Затрагиваемое ПО
Mozilla FirefoxMozilla Thunderbird
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://bugzilla.mozilla.org/show_bug.cgi?id=2014390https://www.mozilla.org/security/advisories/mfsa2026-10/https://www.mozilla.org/security/advisories/mfsa2026-11/https://lists.debian.org/debian-lts-announce/2026/02/msg00028.htmlhttps://access.redhat.com/errata/RHSA-2026:16174https://access.redhat.com/errata/RHSA-2026:3338https://access.redhat.com/errata/RHSA-2026:3339https://access.redhat.com/errata/RHSA-2026:3361