{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"HIGH" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"An incorrect boundary conditions vulnerability (CWE-119) exists in the Network Security Services (NSS) library used by Mozilla Firefox. The vulnerability occurs when the product performs operations on a memory buffer, allowing it to read from or write to a memory location outside the intended boundary of the buffer, leading to memory corruption. This impacts confidentiality, integrity, and availability. Affected versions include Firefox up to 149, Firefox ESR prior to 115.35, Firefox ESR prior to 140.10, Thunderbird prior to 150, and Thunderbird prior to 140.10.", "category":"general", "title":"Synopsis" } ], "publisher":null, "references":[ { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6772" }, { "summary":"CVE-2026-6772 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/cve/2026/csaf-openeuler-cve-2026-6772.json" }, { "summary":"openEuler-SA-2026-2109", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2109" }, { "summary":"CVE-2026-6772", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-6772&packageName=thunderbird" } ], "title":"openEuler cve CVE-2026-6772", "tracking":{ "initial_release_date":"2026-04-28T10:55:12+08:00", "revision_history":[ { "date":"2026-04-28T10:55:12+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2026-04-28T10:55:12+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2026-04-28T10:55:12+08:00", "id":"CVE-2026-6772", "version":"1.0.0", "status":"interim" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"openEuler-24.03-LTS-SP3", "name":"openEuler-24.03-LTS-SP3" }, "name":"openEuler-24.03-LTS-SP3", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-140.10.0-1.oe2403sp3.src.rpm", "name":"thunderbird-140.10.0-1.oe2403sp3.src.rpm" }, "name":"thunderbird-140.10.0-1.oe2403sp3.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-140.10.0-1.oe2403sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-140.10.0-1.oe2403sp3.src", "name":"thunderbird-140.10.0-1.oe2403sp3.src as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2026-6772", "notes":[ { "text":"An incorrect boundary conditions vulnerability (CWE-119) exists in the Network Security Services (NSS) library used by Mozilla Firefox. The vulnerability occurs when the product performs operations on a memory buffer, allowing it to read from or write to a memory location outside the intended boundary of the buffer, leading to memory corruption. This impacts confidentiality, integrity, and availability. Affected versions include Firefox up to 149, Firefox ESR prior to 115.35, Firefox ESR prior to 140.10, Thunderbird prior to 150, and Thunderbird prior to 140.10.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":{ "$ref":"$.vulnerabilities[0].product_status.fixed" } }, "remediations":[ { "product_ids":{ "$ref":"$.vulnerabilities[0].product_status.fixed" }, "details":"thunderbird security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2109" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.5, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version":"3.1" }, "products":{ "$ref":"$.vulnerabilities[0].product_status.fixed" } } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2026-6772" } ] }