rpm package
suse/MozillaThunderbird&distro=SUSE Linux Enterprise Module for Package Hub 15 SP6
pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6
Vulnerabilities (202)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-4767 | Med | 4.3 | < 115.11.0-150200.8.160.1 | 115.11.0-150200.8.160.1 | May 14, 2024 | If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | |
| CVE-2024-4367 | Hig | 8.8 | < 115.11.0-150200.8.160.1 | 115.11.0-150200.8.160.1 | May 14, 2024 | A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. |
- affected < 115.11.0-150200.8.160.1fixed 115.11.0-150200.8.160.1
If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- affected < 115.11.0-150200.8.160.1fixed 115.11.0-150200.8.160.1
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Page 11 of 11