VYPR

Thunderbird

by Mozilla Corporation

CVEs (1,864)

  • CVE-2022-45414 | High | Dec 22, 2022
    risk 0.53 | cvss 8.1 | epss 0.01

    If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a…

  • CVE-2022-42927 | High | Dec 22, 2022
    risk 0.53 | cvss 8.1 | epss 0.00

    A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

  • CVE-2022-3033 | High | Dec 22, 2022
    risk 0.53 | cvss 8.1 | epss 0.01

    If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute, and the content attribute specifying a URL, then Thunderbird started a network request to that URL,…

  • CVE-2021-29991 | High | Nov 3, 2021
    risk 0.53 | cvss 8.1 | epss 0.01

    Firefox incorrectly accepted a newline in an HTTP/3 header, interpreting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. This vulnerability affects Firefox < 91.0.1 and Thunderbird < 91.0.1.

  • CVE-2021-29986 | High | Aug 17, 2021
    risk 0.53 | cvss 8.1 | epss 0.01

    A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 78.13, Thunderbird < 91,…

  • CVE-2021-23981 | High | Mar 31, 2021
    risk 0.53 | cvss 8.1 | epss 0.01

    A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and…

  • CVE-2020-12387 | High | May 26, 2020
    risk 0.53 | cvss 8.1 | epss 0.01

    A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

  • CVE-2019-9815 | High | Jul 23, 2019
    risk 0.53 | cvss 8.1 | epss 0.02

    If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use…

  • CVE-2019-11706 | High | Jul 23, 2019
    risk 0.53 | cvss 7.5 | epss 0.10

    A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.

  • CVE-2018-12368 | High | Oct 18, 2018
    risk 0.53 | cvss 8.1 | epss 0.05

    Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the warning, unsuspecting users unfamiliar with this new file type might run an…

  • CVE-2018-5178 | High | Jun 11, 2018
    risk 0.53 | cvss 8.1 | epss 0.05

    A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8,…

  • CVE-2017-7807 | High | Jun 11, 2018
    risk 0.53 | cvss 8.1 | epss 0.02

    A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3,…

  • CVE-2016-1526 | High | Feb 13, 2016
    risk 0.53 | cvss 8.1 | epss 0.02

    The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of…

  • CVE-2026-0878 | High | Jan 13, 2026
    risk 0.52 | cvss 8.0 | epss 0.00

    Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.

  • CVE-2025-14322 | High | Dec 9, 2025
    risk 0.52 | cvss 8.0 | epss 0.00

    Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.

  • CVE-2026-6776 | High | Apr 21, 2026
    risk 0.51 | cvss 7.8 | epss 0.00

    Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2023-37208 | High | Jul 5, 2023
    risk 0.51 | cvss 7.8 | epss 0.00

    When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

  • CVE-2022-3155 | High | Dec 22, 2022
    risk 0.51 | cvss 7.8 | epss 0.00

    When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to…

  • CVE-2021-29949 | High | Jun 24, 2021
    risk 0.51 | cvss 7.8 | epss 0.00

    When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and…

  • CVE-2020-15657 | High | Aug 10, 2020
    risk 0.51 | cvss 7.8 | epss 0.00

    Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are…
