Lucene search
K

17 matches found

OSV
OSV
added 2025/07/29 1:40 p.m.5 views

RLSA-2025:7435 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

7.4CVSS7AI score0.00313EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/05/07 12:59 p.m.8 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

6.4CVSS6.9AI score0.00313EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/05/07 8:33 a.m.16 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

6.4CVSS6.9AI score0.00313EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.6 views

RHEL 8 : thunderbird (RHSA-2025:4649)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4649 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachmen...

6.4CVSS7AI score0.00313EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/05/06 7:51 a.m.9 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

6.4CVSS6.9AI score0.00313EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/05/06 7:45 a.m.8 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

6.4CVSS6.9AI score0.00313EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/04/28 12:0 a.m.12 views

openSUSE Security Advisory (SUSE-SU-2025:1366-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.9AI score0.00313EPSS
Exploits0References4
OSV
OSV
added 2025/04/28 12:0 a.m.14 views

ALSA-2025:4229 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

6.4CVSS6.3AI score0.00313EPSS
Exploits0References8
OPENSUSE Linux
OPENSUSE Linux
added 2025/04/17 12:0 a.m.7 views

MozillaThunderbird-128.9.2-1.1 on GA media (moderate)

MozillaThunderbird-128.9.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:15000-1 Rating: moderate Cross-References: CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 CVSS scores: CVE-2025-2830 SUSE : 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2025-2830 SUSE : 4.6...

7.4CVSS7.4AI score0.00313EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/04/16 12:0 a.m.11 views

Slackware: Security Advisory (SSA:2025-105-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.6AI score0.00313EPSS
Exploits0References7
Circl
Circl
added 2025/04/15 7:57 p.m.5 views

CVE-2025-3522

creationtimestamp| type| source ---|---|--- 2025-04-15 19:57:14+00:00| seen| https://t.me/cvedetector/22972...

6.3CVSS6.4AI score0.0024EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/04/15 3:16 p.m.2 views

CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

6.3CVSS7.1AI score0.0024EPSS
Exploits0References3
NVD
NVD
added 2025/04/15 3:16 p.m.16 views

CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

6.3CVSS0.0024EPSS
Exploits0References3
OSV
OSV
added 2025/04/15 3:16 p.m.4 views

UBUNTU-CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

6.3CVSS6.7AI score0.0024EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/04/15 3:6 p.m.18 views

CVE-2025-3522 Leak of hashed Window credentials via crafted attachment URL

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

0.0024EPSS
Exploits0References3
CVE
CVE
added 2025/04/15 3:6 p.m.123 views

CVE-2025-3522

Summary of CVE-2025-3522 (Thunderbird) : Thunderbird improperly processes the X-Mozilla-External-Attachment-URL header used for external attachments. When opening an email, Thunderbird fetches the URL to determine file size and may navigate to it when attaching is clicked. The URL is not validate...

6.3CVSS6.7AI score0.0024EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2025/04/15 3:6 p.m.7 views

CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

6.3CVSS6.5AI score0.0024EPSS
Exploits0
Rows per page
Query Builder