CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
65.0%
Fullscreen notification obscured. (CVE-2023-29533) Double-free in libwebp. (MFSA-TMP-2023-0001) Potential Memory Corruption following Garbage Collector compaction. (CVE-2023-29535) Invalid free from JavaScript code. (CVE-2023-29536) Revocation status of S/Mime recipient certificates was not checked. (CVE-2023-0547) Hang when processing certain OpenPGP messages. (CVE-2023-29479) Content-Disposition filename truncation leads to Reflected File Download. (CVE-2023-29539) Files with malicious extensions could have been downloaded unsafely on Linux. (CVE-2023-29541) Memory Corruption in Safe Browsing Code. (CVE-2023-1945) Incorrect optimization result on ARM64. (CVE-2023-29548) Memory safety bugs fixed in Thunderbird 102.10. (CVE-2023-29550)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | thunderbird | < 102.10.0-1 | thunderbird-102.10.0-1.mga8 |
Mageia | 8 | noarch | thunderbird-l10n | < 102.10.0-1 | thunderbird-l10n-102.10.0-1.mga8 |