Astra Linux - уязвимость в firefox

There was a race condition in nsHttpTransaction that could be exploited to cause memory corruption, potentially leading to an exploitable issue. This vulnerability has been fixed in Firefox 137.0.2...

Astra Linux - уязвимость в thunderbird

When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is displayed when the mouse hovers over any attachment. Although the correct link is used upon clicking, the misleading hover text may lead users to download conten...

thunderbird: Information Disclosure of /tmp directory listing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...

thunderbird: Information Disclosure of /tmp directory listing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...

thunderbird: User Interface (UI) Misrepresentation of attachment URL

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the...

SUSE CVE-2025-3608

A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability was fixed in Firefox 137.0.2...

Mozilla Thunderbird Security Update (mfsa_2025-26) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Thunderbird Security Update (mfsa_2025-26) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Thunderbird < 137.0.2

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 137.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-26 advisory. - When an email contains multiple attachments with external links via the...

DEBIAN-CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

UBUNTU-CVE-2025-2830

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...

CVE-2025-3608

A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability affects Firefox 137.0.2...

CVE-2025-3608

A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability affects Firefox 137.0.2...

CVE-2025-3608

A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability affects Firefox 137.0.2...

UBUNTU-CVE-2025-3608

A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability was fixed in Firefox 137.0.2...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 137.0.2, which stems from a competing condition in nsHttpTransaction that could lead to memory corruption...

Mozilla Thunderbird 安全漏洞

Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation in the United States that is separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols as well as the HTML mail format. A security vulnerability exists in Mozilla...

PT-2025-16338

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 137.0.2 Description A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. Recommendations For versions prior to...