SUSE CVE-2025-3875
Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an invalid value "Spoofed Name ", Thunderbird treats [email protected] as the actual address. This vulnerability was fixed ...