Mozilla發布Firefox 150.0.2,修補3項高風險漏洞
Posted in
業界新聞
新聞
關於漏洞嚴重程度的區分,美國國家漏洞資料庫(NVD)將CVE-2026-8090與CVE-2026-8093的CVSS風險,評為7.3分與7.5分,但漏洞管理廠商Tenable有不同看法,他們認為CVE-2026-8092屬重大層級風險,將此漏洞的嚴重性評為9.8分。
值得留意的是,CVE-2026-8090與CVE-2026-8092同時影響長期支援版本(ESR),為此Mozilla也發布Firefox ESR 140.10.2與115.35.2修補。
CVE-2026-8092
Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, and Firefox ESR 115.35.2.
www.tenable.com
Comments (0)