Copyright © 2012 Red Hat, Inc. All rights reserved. Important 2026-03-24T12:30:27 firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CWE-787

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Red Hat Enterprise Linux 10 2026-03-26T00:00:00Z RHSA-2026:5931 firefox-0:140.9.0-1.el10_1 Red Hat Enterprise Linux 10 2026-04-01T00:00:00Z RHSA-2026:6342 thunderbird-0:140.9.0-1.el10_1 Red Hat Enterprise Linux 8 2026-03-26T00:00:00Z RHSA-2026:5932 firefox-0:140.9.0-1.el8_10 Red Hat Enterprise Linux 9 2026-03-26T00:00:00Z RHSA-2026:5930 firefox-0:140.9.0-1.el9_7 Red Hat Enterprise Linux 9 2026-03-30T00:00:00Z RHSA-2026:6188 thunderbird-0:140.9.0-1.el9_7 Red Hat Enterprise Linux 10 Affected rhel10/firefox-flatpak Red Hat Enterprise Linux 10 Affected rhel10/thunderbird-flatpak Red Hat Enterprise Linux 6 Out of support scope firefox Red Hat Enterprise Linux 6 Out of support scope thunderbird Red Hat Enterprise Linux 7 Affected firefox Red Hat Enterprise Linux 7 Out of support scope thunderbird Red Hat Enterprise Linux 8 Affected thunderbird https://www.cve.org/CVERecord?id=CVE-2026-4697 https://nvd.nist.gov/vuln/detail/CVE-2026-4697 https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4697 https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4697