firefox: thunderbird: Certificate length was not properly checked

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...

firefox: thunderbird: Potential opening of private browsing tabs in normal browsing windows

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak...

firefox: thunderbird: Certificate length was not properly checked

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...

firefox: thunderbird: Potential opening of private browsing tabs in normal browsing windows

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak...

UBUNTU-CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

firefox: thunderbird: Potential opening of private browsing tabs in normal browsing windows

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak...

SUSE CVE-2025-0510

Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability was fixed in Thunderbird 128.7 and Thunderbird 135...

SUSE CVE-2025-1019

The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability was fixed in Firefox 135 and Thunderbird 135...

CVE-2025-1018

The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability affects Firefox 135 and Thunderbird 135...

CVE-2025-1019

The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability affects Firefox 135 and Thunderbird 135...

CVE-2025-1018

The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability affects Firefox 135 and Thunderbird 135...

CVE-2025-1019

The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability affects Firefox 135 and Thunderbird 135...

CVE-2025-1013

A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability affects Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

DEBIAN-CVE-2025-1013

A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

DEBIAN-CVE-2025-1016

Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary cod...