Unrated severityNVD Advisory· Published Dec 22, 2022· Updated Nov 19, 2024
CVE-2022-3032
CVE-2022-3032
Description
When receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10< 102.2.1, < 91.13.1+ 1 more
- (no CPE)range: < 102.2.1, < 91.13.1
- (no CPE)range: unspecified
- osv-coords8 versionspkg:rpm/almalinux/thunderbirdpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
< 102.3.0-3.el8_6.alma+ 7 more
- (no CPE)range: < 102.3.0-3.el8_6.alma
- (no CPE)range: < 102.2.2-150200.8.82.1
- (no CPE)range: < 102.2.2-150200.8.82.1
- (no CPE)range: < 102.2.1-1.1
- (no CPE)range: < 102.2.2-150200.8.82.1
- (no CPE)range: < 102.2.2-150200.8.82.1
- (no CPE)range: < 102.2.2-150200.8.82.1
- (no CPE)range: < 102.2.2-150200.8.82.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.