VYPR

rpm package

opensuse/MozillaThunderbird&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2016.0

Vulnerabilities (86)

  • CVE-2025-10536MedSep 16, 2025
    affected < 140.3.0-bp160.1.1fixed 140.3.0-bp160.1.1

    Information disclosure in the Networking: Cache component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10533HigSep 16, 2025
    affected < 140.3.0-bp160.1.1fixed 140.3.0-bp160.1.1

    Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10532MedSep 16, 2025
    affected < 140.3.0-bp160.1.1fixed 140.3.0-bp160.1.1

    Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10529MedSep 16, 2025
    affected < 140.3.0-bp160.1.1fixed 140.3.0-bp160.1.1

    Same-origin policy bypass in the Layout component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10528HigSep 16, 2025
    affected < 140.3.0-bp160.1.1fixed 140.3.0-bp160.1.1

    Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10527HigSep 16, 2025
    affected < 140.3.0-bp160.1.1fixed 140.3.0-bp160.1.1

    Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

Page 5 of 5