22 matches found
MGASA-2026-0164 Updated thunderbird(-l10n) packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...
UBUNTU-CVE-2026-8955
Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
Astra Linux - уязвимость в firefox, thunderbird
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
Updated thunderbird packages fix security vulnerabilities
Incorrect boundary conditions in the WebRTC: Audio/Video component. CVE-2026-2757 Use-after-free in the JavaScript: GC component. CVE-2026-2758 Incorrect boundary conditions in the Graphics: ImageLib component. CVE-2026-2759 Sandbox escape due to incorrect boundary conditions in the Graphics:...
Oracle Linux 9 : thunderbird (ELSA-2026-3516)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3516 advisory. 140.8.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.8.0 - Add OpenELA debranding 140.8.0-1 - Update to 140.8.0 ESR Tenable ha...
Mageia: Security Advisory (MGASA-2026-0036)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-9180
Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...
Updated thunderbird packages fix security vulnerabilities
CVE-2025-5262: A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. CVE-2025-5263: Error handling for script execution was incorrectly isolated fr...
PT-2025-22993
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 139 Firefox ESR versions prior to 128.11 Thunderbird versions prior to 139 Thunderbird ESR versions prior to 128.11 Description The issue is related to memory safety bugs that have been identified in the affected...
Security Vulnerabilities fixed in Thunderbird 128.10.2 — Mozilla
An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...
Important: firefox
Issue Overview: JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox 137, Firefox ESR 115.22, Firefox ESR 128.9, Thunderbird 137, and Thunderbird 128.9. CVE-2025-3028 A crafted URL containing specific Unico...
MGASA-2025-0126 Updated thunderbird packages fix security vulnerabilities
Use-after-free triggered by XSLTProcessor. CVE-2025-3028 URL Bar Spoofing via non-BMP Unicode characters. CVE-2025-3029 Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. CVE-2025-3030...
OPENSUSE-SU-2025:14966-1 MozillaThunderbird-128.9.0-1.1 on GA media
These are all security issues fixed in the MozillaThunderbird-128.9.0-1.1 package on the GA media of openSUSE Tumbleweed...
MGASA-2024-0336 Updated thunderbird packages fix security vulnerabilities
The updated packages provide Thunderbird 128 for all mandatory arches of Mageia x8664, i586 and aarch64 and fix several bugs, including a security vulnerability:...
Vulnerabilities fixed in Mozilla Firefox and Thunderbird
Mozilla fixed vulnerabilities in Firefox and Thunderbird A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Circumvention of security measure - Remote code execution User rights Mozilla has released...
MGASA-2024-0024 Updated thunderbird packages fix security vulnerabilities
Out of bounds write in ANGLE. CVE-2024-0741 Failure to update user input timestamp. CVE-2024-0742 Crash when listing printers on Linux. CVE-2024-0746 Bypass of Content Security Policy when directive unsafe-inline was set. CVE-2024-0747 Phishing site popup could show local origin in address bar...
MGASA-2023-0285 Updated Firefox and Thunderbird packages fix security vulnerabilities
Updated Firefox and Thunderbird packages fix security vulnerabilities: Out-of-bounds write in PathOps. CVE-2023-5169 Use-after-free in Ion Compiler. CVE-2023-5171 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. CVE-2023-5176 Heap buffer overflow in libvpx...
ROS-2-2243
2.2243 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
Vulnerabilities fixed in Mozilla Firefox and Thunderbird
Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure. Remote code execution User rights Spoofi...
ROS-2-2127
2.2127 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...