{"id":"ECHO-f542-a708-8974","upstream":["CVE-2026-2447"],"severity":[],"modified":"2026-03-17T12:30:04.167Z","affected":[{"package":{"ecosystem":"Echo","name":"firefox-esr"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"140.8.0esr-1~deb13u1"}]}]}],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-2447"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-2447"},{"type":"WEB","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014390"},{"type":"WEB","url":"https://www.mozilla.org/security/advisories/mfsa2026-10/"},{"type":"WEB","url":"https://www.mozilla.org/security/advisories/mfsa2026-11/"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2026/02/msg00028.html"}]}