Information on source package thunderbird

Available versions

ReleaseVersion
bullseye1:115.12.0-1~deb11u1
bullseye (security)1:128.5.0esr-1~deb11u1
bookworm1:115.16.0esr-1~deb12u1
bookworm (security)1:128.5.0esr-1~deb12u1
trixie1:128.5.2esr-1
sid1:128.5.2esr-1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2024-50336vulnerable (no DSA, postponed)vulnerable (no DSA)fixedfixedmatrix-js-sdk is a Matrix messaging protocol Client-Server SDK for Jav ...

Resolved issues

BugDescription
CVE-2024-11699Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thun ...
CVE-2024-11698A flaw in handling fullscreen transitions may have inadvertently cause ...
CVE-2024-11697When handling keypress events, an attacker may have been able to trick ...
CVE-2024-11696The application failed to account for exceptions thrown by the `loadMa ...
CVE-2024-11695A crafted URL containing Arabic script and whitespace characters could ...
CVE-2024-11694Enhanced Tracking Protection's Strict mode may have inadvertently allo ...
CVE-2024-11693The executable file warning was not presented when downloading .librar ...
CVE-2024-11692An attacker could cause a select dropdown to be shown over another tab ...
CVE-2024-11691Certain WebGL operations on Apple silicon M series devices could have ...
CVE-2024-11159Using remote content in OpenPGP encrypted messages can lead to the dis ...
CVE-2024-10467Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thun ...
CVE-2024-10466By sending a specially crafted push message, a remote server could hav ...
CVE-2024-10465A clipboard "paste" button could persist across tabs which allowed a s ...
CVE-2024-10464Repeated writes to history interface attributes could have been used t ...
CVE-2024-10463Video frames could have been leaked between origins in some situations ...
CVE-2024-10462Truncation of a long URL could have allowed origin spoofing in a permi ...
CVE-2024-10461In multipart/x-mixed-replace responses, `Content-Disposition: attachme ...
CVE-2024-10460The origin of an external protocol handler prompt could have been obsc ...
CVE-2024-10459An attacker could have caused a use-after-free when accessibility was ...
CVE-2024-10458A permission leak could have occurred from a trusted site to an untrus ...
CVE-2024-9680An attacker was able to achieve code execution in the content process ...
CVE-2024-9402Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thun ...
CVE-2024-9401Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ...
CVE-2024-9400A potential memory corruption vulnerability could be triggered if an a ...
CVE-2024-9399A website configured to initiate a specially crafted WebTransport sess ...
CVE-2024-9398By checking the result of calls to `window.open` with specifically set ...
CVE-2024-9397A missing delay in directory upload UI could have made it possible for ...
CVE-2024-9396It is currently unknown if this issue is exploitable but a condition m ...
CVE-2024-9394An attacker could, via a specially crafted multipart response, execute ...
CVE-2024-9393An attacker could, via a specially crafted multipart response, execute ...
CVE-2024-9392A compromised content process could have allowed for the arbitrary loa ...
CVE-2024-8900An attacker could write data to the user's clipboard, bypassing the us ...
CVE-2024-8394When aborting the verification of an OTR chat session, an attacker cou ...
CVE-2024-8387Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thun ...
CVE-2024-8386If a site had been granted the permission to open popup windows, it co ...
CVE-2024-8385A difference in the handling of StructFields and ArrayTypes in WASM co ...
CVE-2024-8384The JavaScript garbage collector could mis-color cross-compartment obj ...
CVE-2024-8383Firefox normally asks for confirmation before asking the operating sys ...
CVE-2024-8382Internal browser event interfaces were exposed to web content when pri ...
CVE-2024-8381A potentially exploitable type confusion could be triggered when looki ...
CVE-2024-7652An error in the ECMA-262 specification relating to Async Generators co ...
CVE-2024-7529The date picker could partially obscure security prompts. This could b ...
CVE-2024-7527Unexpected marking work at the start of sweeping could have led to a u ...
CVE-2024-7526ANGLE failed to initialize parameters which lead to reading from unini ...
CVE-2024-7525It was possible for a web extension with minimal permissions to create ...
CVE-2024-7522Editor code failed to check an attribute value. This could have led to ...
CVE-2024-7521Incomplete WebAssembly exception handing could have led to a use-after ...
CVE-2024-7519Insufficient checks when processing graphics shared memory could have ...
CVE-2024-6604Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thu ...
CVE-2024-6603In an out-of-memory scenario an allocation could fail but free would h ...
CVE-2024-6602A mismatch between allocator and deallocator could have led to memory ...
CVE-2024-6601A race condition could lead to a cross-origin container obtaining perm ...
CVE-2024-6600Due to large allocation checks in Angle for GLSL shaders being too len ...
CVE-2024-5702Memory corruption in the networking stack could have led to a potentia ...
CVE-2024-5700Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thu ...
CVE-2024-5696By manipulating the text in an `<input>` tag, an attacker could ...
CVE-2024-5693Offscreen Canvas did not properly track cross-origin tainting, which c ...
CVE-2024-5692On Windows 10, when using the 'Save As' functionality, an attacker cou ...
CVE-2024-5691By tricking the browser with a `X-Frame-Options` header, a sandboxed i ...
CVE-2024-5690By monitoring the time certain operations take, an attacker could have ...
CVE-2024-5688If a garbage collection was triggered at the right time, a use-after-f ...
CVE-2024-4777Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thu ...
CVE-2024-4770When saving a page to PDF, certain font styles could have led to a pot ...
CVE-2024-4769When importing resources using Web Workers, error messages would disti ...
CVE-2024-4768A bug in popup notifications' interaction with WebAuthn made it easier ...
CVE-2024-4767If the `browser.privatebrowsing.autostart` preference is enabled, Inde ...
CVE-2024-4367A type check was missing when handling fonts in PDF.js, which would al ...
CVE-2024-3864Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thund ...
CVE-2024-3863The executable file warning was not presented when downloading .xrm-ms ...
CVE-2024-3861If an AlignedBuffer were assigned to itself, the subsequent self-move ...
CVE-2024-3859On 32-bit versions there were integer-overflows that led to an out-of- ...
CVE-2024-3857The JIT created incorrect code for arguments in certain cases. This le ...
CVE-2024-3854In some code patterns the JIT incorrectly optimized switch statements ...
CVE-2024-3852GetBoundName could return the wrong version of an object when JIT opti ...
CVE-2024-3302There was no limit to the number of HTTP/2 CONTINUATION frames that wo ...
CVE-2024-2616To harden ICU against exploitation, the behavior for out-of-memory con ...
CVE-2024-2614Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thun ...
CVE-2024-2612If an attacker could find a way to trigger a particular code path in ` ...
CVE-2024-2611A missing delay on when pointer lock was used could have allowed a mal ...
CVE-2024-2610Using a markup injection an attacker could have stolen nonce values. T ...
CVE-2024-2609The permission prompt input delay could expire while the window is not ...
CVE-2024-2608`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and ...
CVE-2024-2607Return registers were overwritten which could have allowed an attacker ...
CVE-2024-2605An attacker could have leveraged the Windows Error Reporter to run arb ...
CVE-2024-1936The encrypted subject of an email message could be incorrectly and per ...
CVE-2024-1553Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thun ...
CVE-2024-1552Incorrect code generation could have led to unexpected numeric convers ...
CVE-2024-1551Set-Cookie response headers were being incorrectly honored in multipar ...
CVE-2024-1550A malicious website could have used a combination of exiting fullscree ...
CVE-2024-1549If a website set a large custom cursor, portions of the cursor could h ...
CVE-2024-1548A website could have obscured the fullscreen notification by using a d ...
CVE-2024-1547Through a series of API calls and redirects, an attacker-controlled al ...
CVE-2024-1546When storing and re-accessing data on a networking channel, the length ...
CVE-2024-0755Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thun ...
CVE-2024-0753In specific HSTS configurations an attacker could have bypassed HSTS o ...
CVE-2024-0751A malicious devtools extension could have been used to escalate privil ...
CVE-2024-0750A bug in popup notifications delay calculation could have made it poss ...
CVE-2024-0749A phishing site could have repurposed an `about:` dialog to show phish ...
CVE-2024-0747When a parent page loaded a child in an iframe with `unsafe-inline`, t ...
CVE-2024-0746A Linux user opening the print preview dialog could have caused the br ...
CVE-2024-0743An unchecked return value in TLS handshake code could have caused a po ...
CVE-2024-0742It was possible for certain browser prompts and dialogs to be activate ...
CVE-2024-0741An out of bounds write in ANGLE could have allowed an attacker to corr ...
CVE-2023-50762When processing a PGP/MIME payload that contains digitally signed text ...
CVE-2023-50761The signature of a digitally signed S/MIME email message may optionall ...
CVE-2023-37211Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thu ...
CVE-2023-37208When opening Diagcab files, Firefox did not warn the user that these f ...
CVE-2023-37207A website could have obscured the fullscreen notification by using a U ...
CVE-2023-37202Cross-compartment wrappers wrapping a scripted proxy could have caused ...
CVE-2023-37201An attacker could have triggered a use-after-free condition when creat ...
CVE-2023-34416Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thu ...
CVE-2023-34414The error page for sites with invalid TLS certificates was missing the ...
CVE-2023-32215Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some ...
CVE-2023-32214Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged ...
CVE-2023-32213When reading a file, an uninitialized value could have been used as re ...
CVE-2023-32212An attacker could have positioned a <code>datalist</code> element to o ...
CVE-2023-32211A type checking bug would have led to invalid code being compiled. Thi ...
CVE-2023-32207A missing delay in popup notifications could have made it possible for ...
CVE-2023-32206An out-of-bound read could have led to a crash in the RLBox Expat driv ...
CVE-2023-32205In multiple cases browser prompts could have been obscured by popups c ...
CVE-2023-29550Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some ...
CVE-2023-29548A wrong lowering instruction in the ARM64 Ion compiler resulted in a w ...
CVE-2023-29545Similar to CVE-2023-28163, this time when choosing 'Save Link As', sug ...
CVE-2023-29542A newline in a filename could have been used to bypass the file extens ...
CVE-2023-29541Firefox did not properly handle downloads of files ending in <code>.de ...
CVE-2023-29539When handling the filename directive in the Content-Disposition header ...
CVE-2023-29536An attacker could cause the memory manager to incorrectly free a point ...
CVE-2023-29535Following a Garbage Collector compaction, weak maps may have been acce ...
CVE-2023-29533A website could have obscured the fullscreen notification by using a c ...
CVE-2023-29532A local attacker can trick the Mozilla Maintenance Service into applyi ...
CVE-2023-29531An attacker could have caused an out of bounds memory access using Web ...
CVE-2023-29479Ribose RNP before 0.16.3 may hang when the input is malformed.
CVE-2023-28427matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for Jav ...
CVE-2023-28176Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some ...
CVE-2023-28164Dragging a URL from a cross-origin iframe that was removed during the ...
CVE-2023-28163When downloading files through the Save As dialog on Windows with sugg ...
CVE-2023-28162While implementing AudioWorklets, some code may have casted one type t ...
CVE-2023-25752When accessing throttled streams, the count of available bytes needed ...
CVE-2023-25751Sometimes, when invalidating JIT code while following an iterator, the ...
CVE-2023-25746Memory safety bugs present in Firefox ESR 102.7. Some of these bugs sh ...
CVE-2023-25744Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some ...
CVE-2023-25742When importing a SPKI RSA public key as ECDSA P-256, the key would be ...
CVE-2023-25739Module load requests that failed were not being checked as to whether ...
CVE-2023-25738Members of the <code>DEVMODEW</code> struct set by the printer device ...
CVE-2023-25737An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</ ...
CVE-2023-25735Cross-compartment wrappers wrapping a scripted proxy could have caused ...
CVE-2023-25734After downloading a Windows <code>.url</code> shortcut from the local ...
CVE-2023-25732When encoding data from an <code>inputStream</code> in <code>xpcom</co ...
CVE-2023-25730A background script invoking <code>requestFullscreen</code> and then b ...
CVE-2023-25729Permission prompts for opening external schemes were only shown for <c ...
CVE-2023-25728The <code>Content-Security-Policy-Report-Only</code> header could allo ...
CVE-2023-23605Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some ...
CVE-2023-23603Regular expressions used to filter out forbidden properties and values ...
CVE-2023-23602A mishandled security check when creating a WebSocket in a WebWorker c ...
CVE-2023-23601Navigations were being allowed when dragging a URL from a cross-origin ...
CVE-2023-23599When copying a network request from the developer tools panel as a cur ...
CVE-2023-23598Due to the Firefox GTK wrapper code's use of text/plain for drag data ...
CVE-2023-6873Memory safety bugs present in Firefox 120. Some of these bugs showed e ...
CVE-2023-6864Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thun ...
CVE-2023-6862A use-after-free was identified in the `nsDNSService::Init`. This iss ...
CVE-2023-6861The `nsWindow::PickerOpen(void)` method was susceptible to a heap buff ...
CVE-2023-6860The `VideoBridge` allowed any content process to use textures produced ...
CVE-2023-6859A use-after-free condition affected TLS socket creation when under mem ...
CVE-2023-6858Firefox was susceptible to a heap buffer overflow in `nsTextFragment` ...
CVE-2023-6857When resolving a symlink, a race may occur where the buffer passed to ...
CVE-2023-6856The WebGL `DrawElementsInstanced` method was susceptible to a heap buf ...
CVE-2023-6212Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thun ...
CVE-2023-6209Relative URLs starting with three slashes were incorrectly parsed, and ...
CVE-2023-6208When using X11, text selected by the page using the Selection API was ...
CVE-2023-6207Ownership mismanagement led to a use-after-free in ReadableByteStreams ...
CVE-2023-6206The black fade animation when exiting fullscreen is roughly the length ...
CVE-2023-6205It was possible to cause the use of a MessagePort after it had already ...
CVE-2023-6204On some systems\u2014depending on the graphics settings and drivers\u2 ...
CVE-2023-5732An attacker could have created a malicious link using bidirectional ch ...
CVE-2023-5730Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thun ...
CVE-2023-5728During garbage collection extra operations were performed on a object ...
CVE-2023-5727The executable file warning was not presented when downloading .msix, ...
CVE-2023-5726A website could have obscured the full screen notification by using th ...
CVE-2023-5725A malicious installed WebExtension could open arbitrary URLs, which un ...
CVE-2023-5724Drivers are not always robust to extremely large draw calls and in som ...
CVE-2023-5721It was possible for certain browser prompts and dialogs to be activate ...
CVE-2023-5388NSS was susceptible to a timing side-channel attack when performing RS ...
CVE-2023-5217Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ...
CVE-2023-5176Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thun ...
CVE-2023-5174If Windows failed to duplicate a handle during process creation, the s ...
CVE-2023-5171During Ion compilation, a Garbage Collection could have resulted in a ...
CVE-2023-5169A compromised content process could have provided malicious data in a ...
CVE-2023-5168A compromised content process could have provided malicious data to `F ...
CVE-2023-4863Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.1 ...
CVE-2023-4585Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thun ...
CVE-2023-4584Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ...
CVE-2023-4583When checking if the Browsing Context had been discarded in `HttpBaseC ...
CVE-2023-4582Due to large allocation checks in Angle for glsl shaders being too len ...
CVE-2023-4581Excel `.xll` add-in files did not have a blocklist entry in Firefox's ...
CVE-2023-4580Push notifications stored on disk in private browsing mode were not be ...
CVE-2023-4578When calling `JS::CheckRegExpSyntax` a Syntax Error could have been se ...
CVE-2023-4577When `UpdateRegExpStatics` attempted to access `initialStringHeap` it ...
CVE-2023-4576On Windows, an integer overflow could occur in `RecordedSourceSurfaceC ...
CVE-2023-4575When creating a callback over IPC for showing the File Picker window, ...
CVE-2023-4574When creating a callback over IPC for showing the Color Picker window, ...
CVE-2023-4573When receiving rendering data over IPC `mStream` could have been destr ...
CVE-2023-4057Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thun ...
CVE-2023-4056Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ...
CVE-2023-4055When the number of cookies per domain was exceeded in `document.cookie ...
CVE-2023-4054When opening appref-ms files, Firefox did not warn the user that these ...
CVE-2023-4053A website could have obscured the full screen notification by using a ...
CVE-2023-4052The Firefox updater created a directory writable by non-privileged use ...
CVE-2023-4051A website could have obscured the full screen notification by using th ...
CVE-2023-4050In some cases, an untrusted input stream was copied to a stack buffer ...
CVE-2023-4049Race conditions in reference counting code were found through code ins ...
CVE-2023-4048An out-of-bounds read could have led to an exploitable crash when pars ...
CVE-2023-4047A bug in popup notifications delay calculation could have made it poss ...
CVE-2023-4046In some circumstances, a stale value could have been used for a global ...
CVE-2023-4045Offscreen Canvas did not properly track cross-origin tainting, which c ...
CVE-2023-3600During the worker lifecycle, a use-after-free condition could have occ ...
CVE-2023-3417Thunderbird allowed the Text Direction Override Unicode Character in f ...
CVE-2023-1999There exists a use after free/double free in libwebp. An attacker can ...
CVE-2023-1945Unexpected data returned from the Safe Browsing API could have led to ...
CVE-2023-0767An attacker could construct a PKCS 12 cert bundle in such a way that c ...
CVE-2023-0616If a MIME email combines OpenPGP and OpenPGP MIME data in a certain wa ...
CVE-2023-0547OCSP revocation status of recipient certificates was not checked when ...
CVE-2023-0430Certificate OCSP revocation status was not checked when verifying S/Mi ...
CVE-2022-46882A use-after-free in WebGL extensions could have led to a potentially e ...
CVE-2022-46881An optimization in WebGL was incorrect in some cases, and could have l ...
CVE-2022-46880A missing check related to tex units could have led to a use-after-fre ...
CVE-2022-46878Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the ...
CVE-2022-46877By confusing the browser, the fullscreen notification could have been ...
CVE-2022-46875The executable file warning was not presented when downloading .atloc ...
CVE-2022-46874A file with a long filename could have had its filename truncated to r ...
CVE-2022-46872An attacker who compromised a content process could have partially esc ...
CVE-2022-46871An out of date library (libusrsctp) contained vulnerabilities that cou ...
CVE-2022-45421Mozilla developers Andrew McCreight and Gabriele Svelto reported memor ...
CVE-2022-45420Use tables inside of an iframe, an attacker could have caused iframe c ...
CVE-2022-45418If a custom mouse cursor is specified in CSS, under certain circumstan ...
CVE-2022-45416Keyboard events reference strings like "KeyA" that were at fixed, know ...
CVE-2022-45414If a Thunderbird user quoted from an HTML email, for example by replyi ...
CVE-2022-45412When resolving a symlink such as <code>file:///proc/self/fd/1</code>, ...
CVE-2022-45411Cross-Site Tracing occurs when a server will echo a request back via t ...
CVE-2022-45410When a ServiceWorker intercepted a request with <code>FetchEvent</code ...
CVE-2022-45409The garbage collector could have been aborted in several states and zo ...
CVE-2022-45408Through a series of popups that reuse windowName, an attacker can caus ...
CVE-2022-45406If an out-of-memory condition occurred when creating a JavaScript glob ...
CVE-2022-45405Freeing arbitrary <code>nsIInputStream</code>'s on a different thread ...
CVE-2022-45404Through a series of popup and <code>window.print()</code> calls, an at ...
CVE-2022-45403Service Workers should not be able to infer information about opaque c ...
CVE-2022-42932Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported m ...
CVE-2022-42929If a website called `window.print()` in a particular way, it could cau ...
CVE-2022-42928Certain types of allocations were missing annotations that, if the Gar ...
CVE-2022-42927A same-origin policy violation could have allowed the theft of cross-o ...
CVE-2022-40962Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, And ...
CVE-2022-40960Concurrent use of the URL parser with non-UTF-8 data was not thread-sa ...
CVE-2022-40959During iframe navigation, certain pages did not have their FeaturePoli ...
CVE-2022-40958By injecting a cookie with certain special characters, an attacker on ...
CVE-2022-40957Inconsistent data in instruction and data cache when creating wasm cod ...
CVE-2022-40956When injecting an HTML base element, some requests would ignore the CS ...
CVE-2022-38478Members the Mozilla Fuzzing Team reported memory safety bugs present i ...
CVE-2022-38477Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported m ...
CVE-2022-38476A data race could occur in the <code>PK11_ChangePW</code> function, po ...
CVE-2022-38473A cross-origin iframe referencing an XSLT document would inherit the p ...
CVE-2022-38472An attacker could have abused XSLT error handling to associate attacke ...
CVE-2022-36319When combining CSS properties for overflow and transform, the mouse cu ...
CVE-2022-36318When visiting directory listings for `chrome://` URLs as source text, ...
CVE-2022-36314When opening a Windows shortcut from the local filesystem, an attacker ...
CVE-2022-36059matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for Jav ...
CVE-2022-34484The Mozilla Fuzzing Team reported potential vulnerabilities present in ...
CVE-2022-34481In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an in ...
CVE-2022-34479A malicious website that could create a popup could have resized the p ...
CVE-2022-34478The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</co ...
CVE-2022-34472If there was a PAC URL set and the server that hosts the PAC was not r ...
CVE-2022-34470Session history navigations may have led to a use-after-free and poten ...
CVE-2022-34468An iframe that was not permitted to run scripts could do so if the use ...
CVE-2022-31747Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozil ...
CVE-2022-31744An attacker could have injected CSS into stylesheets accessible via in ...
CVE-2022-31742An attacker could have exploited a timing attack by sending a large nu ...
CVE-2022-31741A crafted CMS message could have been processed incorrectly, leading t ...
CVE-2022-31740On arm64, WASM code could have resulted in incorrect assembly generati ...
CVE-2022-31739When downloading files on Windows, the % character was not escaped, wh ...
CVE-2022-31738When exiting fullscreen mode, an iframe could have confused the browse ...
CVE-2022-31737A malicious webpage could have caused an out-of-bounds write in WebGL, ...
CVE-2022-31736A malicious website could have learned the size of a cross-origin reso ...
CVE-2022-29917Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and t ...
CVE-2022-29916Firefox behaved slightly differently for already known resources when ...
CVE-2022-29914When reusing existing popups Firefox would have allowed them to cover ...
CVE-2022-29913The parent process would not properly check whether the Speech Synthes ...
CVE-2022-29912Requests initiated through reader mode did not properly omit cookies w ...
CVE-2022-29911An improper implementation of the new iframe sandbox keyword <code>all ...
CVE-2022-29909Documents in deeply-nested cross-origin browsing contexts could have o ...
CVE-2022-28289Mozilla developers and community members Nika Layzell, Andrew McCreigh ...
CVE-2022-28286Due to a layout change, iframe contents could have been rendered outsi ...
CVE-2022-28285When generating the assembly code for <code>MLoadTypedArrayElementHole ...
CVE-2022-28282By using a link with <code>rel="localization"</code> a use-after-free ...
CVE-2022-28281If a compromised content process sent an unexpected number of WebAuthN ...
CVE-2022-26486An unexpected message in the WebGPU IPC framework could lead to a use- ...
CVE-2022-26485Removing an XSLT parameter during processing could have lead to an exp ...
CVE-2022-26387When installing an add-on, Firefox verified the signature before promp ...
CVE-2022-26386Previously Firefox for macOS and Linux would download temporary files ...
CVE-2022-26384If an attacker could control the contents of an iframe sandboxed with ...
CVE-2022-26383When resizing a popup after requesting fullscreen access, the popup wo ...
CVE-2022-26381An attacker could have caused a use-after-free by forcing a text reflo ...
CVE-2022-24713regex is an implementation of regular expressions for the Rust languag ...
CVE-2022-22764Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported m ...
CVE-2022-22763When a worker is shutdown, it was possible to cause script to run late ...
CVE-2022-22761Web-accessible extension pages (pages with a moz-extension:// scheme) ...
CVE-2022-22760When importing resources using Web Workers, error messages would disti ...
CVE-2022-22759If a document created a sandboxed iframe without <code>allow-scripts</ ...
CVE-2022-22756If a user was convinced to drag and drop an image to their desktop or ...
CVE-2022-22754If a user installed an extension of a particular type, the extension c ...
CVE-2022-22753A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) S ...
CVE-2022-22751Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, J ...
CVE-2022-22748Malicious websites could have confused Firefox into showing the wrong ...
CVE-2022-22747After accepting an untrusted certificate, handling an empty pkcs7 sequ ...
CVE-2022-22746A race condition could have allowed bypassing the fullscreen notificat ...
CVE-2022-22745Securitypolicyviolation events could have leaked cross-origin informat ...
CVE-2022-22744The constructed curl command from the "Copy as curl" feature in DevToo ...
CVE-2022-22743When navigating from inside an iframe while requesting fullscreen acce ...
CVE-2022-22742When inserting text while in edit mode, some characters might have lea ...
CVE-2022-22741When resizing a popup while requesting fullscreen access, the popup wo ...
CVE-2022-22740Certain network request objects were freed too early when releasing a ...
CVE-2022-22739Malicious websites could have tricked users into accepting launching a ...
CVE-2022-22738Applying a CSS filter effect could have accessed out of bounds memory. ...
CVE-2022-22737Constructing audio sinks could have lead to a race condition when play ...
CVE-2022-3266An out-of-bounds read can occur when decoding H264 video. This results ...
CVE-2022-3155When saving or opening an email attachment on macOS, Thunderbird did n ...
CVE-2022-3034When receiving an HTML email that specified to load an <code>iframe</c ...
CVE-2022-3033If a Thunderbird user replied to a crafted HTML email containing a <co ...
CVE-2022-3032When receiving an HTML email that contained an <code>iframe</code> ele ...
CVE-2022-2505Mozilla developers and the Mozilla Fuzzing Team reported memory safety ...
CVE-2022-2226An OpenPGP digital signature includes information about the date when ...
CVE-2022-2200If an object prototype was corrupted by an attacker, they would have b ...
CVE-2022-1834When displaying the sender of an email, and the sender name contained ...
CVE-2022-1802If an attacker was able to corrupt the methods of an Array object in J ...
CVE-2022-1529An attacker could have sent a message to the parent process where the ...
CVE-2022-1520When viewing an email message A, which contains an attached message B, ...
CVE-2022-1197When importing a revoked key that specified key compromise as the revo ...
CVE-2022-1196After a VR Process is destroyed, a reference to it may have been retai ...
CVE-2022-1097<code>NSSToken</code> objects were referenced via direct points, and c ...
CVE-2022-0566It may be possible for an attacker to craft an email message that caus ...
CVE-2021-44538The olm_session_describe function in Matrix libolm before 3.2.7 is vul ...
CVE-2021-43546It was possible to recreate previous cursor spoofing attacks against u ...
CVE-2021-43545Using the Location API in a loop could have caused severe application ...
CVE-2021-43543Documents loaded with the CSP sandbox directive could have escaped the ...
CVE-2021-43542Using XMLHttpRequest, an attacker could have identified installed appl ...
CVE-2021-43541When invoking protocol handlers for external protocols, a supplied par ...
CVE-2021-43539Failure to correctly record the location of live pointers across wasm ...
CVE-2021-43538By misusing a race in our notification code, an attacker could have fo ...
CVE-2021-43537An incorrect type conversion of sizes from 64bit to 32bit integers all ...
CVE-2021-43536Under certain circumstances, asynchronous functions could have caused ...
CVE-2021-43535A use-after-free could have occured when an HTTP2 session object was r ...
CVE-2021-43534Mozilla developers and community members reported memory safety bugs p ...
CVE-2021-43529Thunderbird versions prior to 91.3.0 are vulnerable to the heap overfl ...
CVE-2021-43528Thunderbird unexpectedly enabled JavaScript in the composition area. T ...
CVE-2021-38510The executable file warning was not presented when downloading .inetlo ...
CVE-2021-38509Due to an unusual sequence of attacker-controlled events, a Javascript ...
CVE-2021-38508By displaying a form validity message in the correct location at the s ...
CVE-2021-38507The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a conn ...
CVE-2021-38506Through a series of navigations, Firefox could have entered fullscreen ...
CVE-2021-38505Microsoft introduced a new feature in Windows 10 known as Cloud Clipbo ...
CVE-2021-38504When interacting with an HTML input element's file picker dialog with ...
CVE-2021-38503The iframe sandbox rules were not correctly applied to XSLT stylesheet ...
CVE-2021-38502Thunderbird ignored the configuration to require STARTTLS security for ...
CVE-2021-38501Mozilla developers reported memory safety bugs present in Firefox 92 a ...
CVE-2021-38500Mozilla developers reported memory safety bugs present in Firefox 92 a ...
CVE-2021-38498During process shutdown, a document could have caused a use-after-free ...
CVE-2021-38497Through use of reportValidity() and window.open(), a plain-text valida ...
CVE-2021-38496During operations on MessageTasks, a task may have been removed while ...
CVE-2021-38495Mozilla developers reported memory safety bugs present in Thunderbird ...
CVE-2021-38493Mozilla developers reported memory safety bugs present in Firefox 91 a ...
CVE-2021-38492When delegating navigations to the operating system, Firefox would acc ...
CVE-2021-32810crossbeam-deque is a package of work-stealing deques for building task ...
CVE-2021-30547Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 a ...
CVE-2021-29989Mozilla developers reported memory safety bugs present in Firefox 90 a ...
CVE-2021-29988Firefox incorrectly treated an inline list-item element as a block ele ...
CVE-2021-29987After requesting multiple permissions, and closing the first permissio ...
CVE-2021-29986A suspected race condition when calling getaddrinfo led to memory corr ...
CVE-2021-29985A use-after-free vulnerability in media channels could have led to mem ...
CVE-2021-29984Instruction reordering resulted in a sequence of instructions that wou ...
CVE-2021-29982Due to incorrect JIT optimization, we incorrectly interpreted data fro ...
CVE-2021-29981An issue present in lowering/register allocation could have led to obs ...
CVE-2021-29980Uninitialized memory in a canvas object could have caused an incorrect ...
CVE-2021-29976Mozilla developers reported memory safety bugs present in code shared ...
CVE-2021-29970A malicious webpage could have triggered a use-after-free, memory corr ...
CVE-2021-29969If Thunderbird was configured to use STARTTLS for an IMAP connection, ...
CVE-2021-29967Mozilla developers reported memory safety bugs present in Firefox 88 a ...
CVE-2021-29964A locally-installed hostile program could send `WM_COPYDATA` messages ...
CVE-2021-29957If a MIME encoded email contains an OpenPGP inline signed or encrypted ...
CVE-2021-29956OpenPGP secret keys that were imported using Thunderbird version 78.8. ...
CVE-2021-29951The Mozilla Maintenance Service granted SERVICE_START access to BUILTI ...
CVE-2021-29950Thunderbird unprotects a secret OpenPGP key prior to using it for a de ...
CVE-2021-29949When loading the shared library that provides the OTR protocol impleme ...
CVE-2021-29948Signatures are written to disk before and read during verification, wh ...
CVE-2021-29946Ports that were written as an integer overflow above the bounds of a 1 ...
CVE-2021-29945The WebAssembly JIT could miscalculate the size of a return type, whic ...
CVE-2021-24002When a user clicked on an FTP URL containing encoded newline character ...
CVE-2021-23999If a Blob URL was loaded through some unusual user interaction, it cou ...
CVE-2021-23998Through complicated navigations with new windows, an HTTP page could h ...
CVE-2021-23995When Responsive Design Mode was enabled, it used references to objects ...
CVE-2021-23994A WebGL framebuffer was not initialized early enough, resulting in mem ...
CVE-2021-23993An attacker may perform a DoS attack to prevent a user from sending en ...
CVE-2021-23992Thunderbird did not check if the user ID associated with an OpenPGP ke ...
CVE-2021-23991If a Thunderbird user has previously imported Alice's OpenPGP key, and ...
CVE-2021-23987Mozilla developers and community members reported memory safety bugs p ...
CVE-2021-23984A malicious extension could have opened a popup window lacking an addr ...
CVE-2021-23982Using techniques that built on the slipstream research, a malicious we ...
CVE-2021-23981A texture upload of a Pixel Buffer Object could have confused the WebG ...
CVE-2021-23978Mozilla developers reported memory safety bugs present in Firefox 85 a ...
CVE-2021-23973When trying to load a cross-origin resource in an audio/video context ...
CVE-2021-23969As specified in the W3C Content Security Policy draft, when creating a ...
CVE-2021-23968If Content Security Policy blocked frame navigation, the full destinat ...
CVE-2021-23964Mozilla developers reported memory safety bugs present in Firefox 84 a ...
CVE-2021-23961Further techniques that built on the slipstream research combined with ...
CVE-2021-23960Performing garbage collection on re-declared JavaScript variables resu ...
CVE-2021-23954Using the new logical assignment operators in a JavaScript switch stat ...
CVE-2021-23953If a user clicked into a specifically crafted PDF, the PDF reader coul ...
CVE-2021-4140It was possible to construct specific XSLT markup that would be able t ...
CVE-2021-4129Mozilla developers and community members Julian Hector, Randell Jesup, ...
CVE-2021-4127An out of date graphics library (Angle) likely contained vulnerabiliti ...
CVE-2021-4126When receiving an OpenPGP/MIME signed email message that contains an a ...
CVE-2020-35113Mozilla developers reported memory safety bugs present in Firefox 83 a ...
CVE-2020-35112If a user downloaded a file lacking an extension on Windows, and then ...
CVE-2020-35111When an extension with the proxy permission registered to receive <all ...
CVE-2020-26978Using techniques that built on the slipstream research, a malicious we ...
CVE-2020-26976When a HTTPS pages was embedded in a HTTP page, and there was a servic ...
CVE-2020-26974When flex-basis was used on a table wrapper, a StyleGenericFlexBasis o ...
CVE-2020-26973Certain input to the CSS Sanitizer confused it, resulting in incorrect ...
CVE-2020-26971Certain blit values provided by the user were not properly constrained ...
CVE-2020-26970When reading SMTP server status codes, Thunderbird writes an integer v ...
CVE-2020-26968Mozilla developers reported memory safety bugs present in Firefox 82 a ...
CVE-2020-26966Searching for a single word from the address bar caused an mDNS reques ...
CVE-2020-26965Some websites have a feature "Show Password" where clicking a button w ...
CVE-2020-26961When DNS over HTTPS is in use, it intentionally filters RFC1918 and re ...
CVE-2020-26960If the Compact() method was called on an nsTArray, the array could hav ...
CVE-2020-26959During browser shutdown, reference decrementing could have occured on ...
CVE-2020-26958Firefox did not block execution of scripts with incorrect MIME types w ...
CVE-2020-26956In some cases, removing HTML elements during sanitization would keep e ...
CVE-2020-26953It was possible to cause the browser to enter fullscreen mode without ...
CVE-2020-26951A parsing and event loading mismatch in Firefox's SVG code could have ...
CVE-2020-26950In certain circumstances, the MCallGetProperty opcode can be emitted w ...
CVE-2020-16044Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowe ...
CVE-2020-16042Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed ...
CVE-2020-16012Side-channel information leakage in graphics in Google Chrome prior to ...
CVE-2020-15969Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowe ...
CVE-2020-15685During the plaintext phase of the STARTTLS connection setup, protocol ...
CVE-2020-15683Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-15678When recursing through graphical layers while scrolling, an iterator m ...
CVE-2020-15677By exploiting an Open Redirect vulnerability on a website, an attacker ...
CVE-2020-15676Firefox sometimes ran the onload handler for SVG elements that the DOM ...
CVE-2020-15673Mozilla developers reported memory safety bugs present in Firefox 80 a ...
CVE-2020-15669When aborting an operation, such as a fetch, an abort signal may be de ...
CVE-2020-15664By holding a reference to the eval() function from an about:blank wind ...
CVE-2020-15663If Firefox is installed to a user-writable directory, the Mozilla Main ...
CVE-2020-15659Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-15658The code for downloading files did not properly take care of special c ...
CVE-2020-15657Firefox could be made to load attacker-supplied DLL files from the ins ...
CVE-2020-15656JIT optimizations involving the Javascript arguments object could conf ...
CVE-2020-15655A redirected HTTP request which is observed or modified through a web ...
CVE-2020-15654When in an endless loop, a website specifying a custom cursor using CS ...
CVE-2020-15653An iframe sandbox element with the allow-popups flag could be bypassed ...
CVE-2020-15652By observing the stack trace for JavaScript errors in web workers, it ...
CVE-2020-15646If an attacker intercepts Thunderbird's initial attempt to perform aut ...
CVE-2020-12421When performing add-on updates, certificate chains terminating in non- ...
CVE-2020-12420When trying to connect to a STUN server, a race condition could have c ...
CVE-2020-12419When processing callbacks that occurred during window flushing in the ...
CVE-2020-12418Manipulating individual parts of a URL object could have caused an out ...
CVE-2020-12417Due to confusion about ValueTags on JavaScript Objects, an object may ...
CVE-2020-12410Mozilla developers reported memory safety bugs present in Firefox 76 a ...
CVE-2020-12406Mozilla Developer Iain Ireland discovered a missing type check during ...
CVE-2020-12405When browsing a malicious page, a race condition in our SharedWorkerSe ...
CVE-2020-12399NSS has shown timing differences when performing DSA signatures, which ...
CVE-2020-12398If Thunderbird is configured to use STARTTLS for an IMAP server, and t ...
CVE-2020-12397By encoding Unicode whitespace characters within the From email header ...
CVE-2020-12395Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-12393The 'Copy as cURL' feature of Devtools' network tab did not properly e ...
CVE-2020-12392The 'Copy as cURL' feature of Devtools' network tab did not properly e ...
CVE-2020-12387A race condition when running shutdown code for Web Worker led to a us ...
CVE-2020-6831A buffer overflow could occur when parsing and validating SCTP chunks ...
CVE-2020-6825Mozilla developers and community members Tyson Smith and Christian Hol ...
CVE-2020-6822On 32-bit builds, an out of bounds write could have occurred when proc ...
CVE-2020-6821When reading from areas partially or fully outside the source resource ...
CVE-2020-6820Under certain conditions, when handling a ReadableStream, a race condi ...
CVE-2020-6819Under certain conditions, when running the nsDocShell destructor, a ra ...
CVE-2020-6814Mozilla developers reported memory safety bugs present in Firefox and ...
CVE-2020-6812The first time AirPods are connected to an iPhone, they become named a ...
CVE-2020-6811The 'Copy as cURL' feature of Devtools' network tab did not properly e ...
CVE-2020-6807When a device was changed while a stream was about to be destroyed, th ...
CVE-2020-6806By carefully crafting promise resolutions, it was possible to cause an ...
CVE-2020-6805When removing data about an origin whose tab was recently closed, a us ...
CVE-2020-6800Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-6798If a template tag was used in a select tag, the parser could be confus ...
CVE-2020-6797By downloading a file with the .fileloc extension, a semi-privileged e ...
CVE-2020-6795When processing a message that contains multiple S/MIME signatures, a ...
CVE-2020-6794If a user saved passwords before Thunderbird 60 and then later set a m ...
CVE-2020-6793When processing an email message with an ill-formed envelope, Thunderb ...
CVE-2020-6792When deriving an identifier for an email message, uninitialized memory ...
CVE-2020-6514Inappropriate implementation in WebRTC in Google Chrome prior to 84.0. ...
CVE-2020-6463Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowe ...
CVE-2019-20503usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_address ...
CVE-2019-17026Incorrect alias information in IonMonkey JIT compiler for setting arra ...
CVE-2019-17024Mozilla developers reported memory safety bugs present in Firefox 71 a ...
CVE-2019-17022When pasting a &lt;style&gt; tag from the clipboard into a rich text e ...
CVE-2019-17021During the initialization of a new content process, a race condition o ...
CVE-2019-17017Due to a missing case handling object types, a type confusion vulnerab ...
CVE-2019-17016When pasting a &lt;style&gt; tag from the clipboard into a rich text e ...
CVE-2019-17015During the initialization of a new content process, a pointer offset c ...
CVE-2019-17012Mozilla developers reported memory safety bugs present in Firefox 70 a ...
CVE-2019-17011Under certain conditions, when retrieving a document from a DocShell i ...
CVE-2019-17010Under certain conditions, when checking the Resist Fingerprinting pref ...
CVE-2019-17009When running, the updater service wrote status and log files to an unr ...
CVE-2019-17008When using nested workers, a use-after-free could occur during worker ...
CVE-2019-17005The plain text serializer used a fixed-size array for the number of <o ...
CVE-2019-15903In libexpat before 2.2.8, crafted XML input could fool the parser into ...
CVE-2019-13722Inappropriate implementation in WebRTC in Google Chrome prior to 79.0. ...
CVE-2019-11764Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11763Failure to correctly handle null bytes when processing HTML entities r ...
CVE-2019-11762If two same-origin documents set document.domain differently to become ...
CVE-2019-11761By using a form with a data URI it was possible to gain access to the ...
CVE-2019-11760A fixed-size stack buffer could overflow in nrappkit when doing WebRTC ...
CVE-2019-11759An attacker could have caused 4 bytes of HMAC output to be written pas ...
CVE-2019-11758Mozilla community member Philipp reported a memory safety bug present ...
CVE-2019-11757When following the value's prototype chain, it was possible to retain ...
CVE-2019-11755A crafted S/MIME message consisting of an inner encryption layer and a ...
CVE-2019-11752It is possible to delete an IndexedDB key value and subsequently try t ...
CVE-2019-11746A use-after-free vulnerability can occur while manipulating video elem ...
CVE-2019-11744Some HTML elements, such as &lt;title&gt; and &lt;textarea&gt;, can co ...
CVE-2019-11743Navigation events were not fully adhering to the W3C's "Navigation-Tim ...
CVE-2019-11742A same-origin policy violation occurs allowing the theft of cross-orig ...
CVE-2019-11740Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11739Encrypted S/MIME parts in a crafted multipart/alternative message can ...
CVE-2019-11730A vulnerability exists where if a user opens a locally saved HTML file ...
CVE-2019-11729Empty or malformed p256-ECDH public keys may trigger a segmentation fa ...
CVE-2019-11719When importing a curve25519 private key in PKCS#8format with leading 0 ...
CVE-2019-11717A vulnerability exists where the caret ("^") character is improperly e ...
CVE-2019-11715Due to an error while parsing page content, it is possible for properl ...
CVE-2019-11713A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/ ...
CVE-2019-11712POST requests made by NPAPI plugins, such as Flash, that receive a sta ...
CVE-2019-11711When an inner window is reused, it does not consider the use of docume ...
CVE-2019-11709Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11708Insufficient vetting of parameters passed with the Prompt:Open IPC mes ...
CVE-2019-11707A type confusion vulnerability can occur when manipulating JavaScript ...
CVE-2019-11706A flaw in Thunderbird's implementation of iCal causes a type confusion ...
CVE-2019-11705A flaw in Thunderbird's implementation of iCal causes a stack buffer o ...
CVE-2019-11704A flaw in Thunderbird's implementation of iCal causes a heap buffer ov ...
CVE-2019-11703A flaw in Thunderbird's implementation of iCal causes a heap buffer ov ...
CVE-2019-11698If a crafted hyperlink is dragged and dropped to the bookmark bar or s ...
CVE-2019-11694A vulnerability exists in the Windows sandbox where an uninitialized v ...
CVE-2019-11693The bufferdata function in WebGL is vulnerable to a buffer overflow wi ...
CVE-2019-11692A use-after-free vulnerability can occur when listeners are removed fr ...
CVE-2019-11691A use-after-free vulnerability can occur when working with XMLHttpRequ ...
CVE-2019-9820A use-after-free vulnerability can occur in the chrome event handler w ...
CVE-2019-9819A vulnerability where a JavaScript compartment mismatch can occur whil ...
CVE-2019-9818A race condition is present in the crash generation server used to gen ...
CVE-2019-9817Images from a different domain can be read using a canvas object in so ...
CVE-2019-9816A possible vulnerability exists where type confusion can occur when ma ...
CVE-2019-9815If hyperthreading is not disabled, a timing attack vulnerability exist ...
CVE-2019-9811As part of a winning Pwn2Own entry, a researcher demonstrated a sandbo ...
CVE-2019-9801Firefox will accept any registered Program ID as an external protocol ...
CVE-2019-9800Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-9797Cross-origin images can be read in violation of the same-origin policy ...
CVE-2019-9796A use-after-free vulnerability can occur when the SMIL animation contr ...
CVE-2019-9795A vulnerability where type-confusion in the IonMonkey just-in-time (JI ...
CVE-2019-9794A vulnerability was discovered where specific command line arguments a ...
CVE-2019-9793A mechanism was discovered that removes some bounds checking for strin ...
CVE-2019-9792The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTI ...
CVE-2019-9791The type inference system allows the compilation of functions that can ...
CVE-2019-9790A use-after-free vulnerability can occur when a raw pointer to a DOM e ...
CVE-2019-9788Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-7317png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after- ...
CVE-2019-5798Lack of correct bounds checking in Skia in Google Chrome prior to 73.0 ...
CVE-2019-5785Incorrect convexity calculations in Skia in Google Chrome prior to 72. ...
CVE-2018-18513A crash can occur when processing a crafted S/MIME message or an XPI p ...
CVE-2018-18512A use-after-free vulnerability can occur while playing a sound notific ...
CVE-2018-18511Cross-origin images can be read from a canvas element in violation of ...
CVE-2018-18509A flaw during verification of certain S/MIME signatures causes emails ...
CVE-2018-18506When proxy auto-detection is enabled, if a web server serves a Proxy A ...
CVE-2018-18505An earlier fix for an Inter-process Communication (IPC) vulnerability, ...
CVE-2018-18501Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-18500A use-after-free vulnerability can occur while parsing an HTML5 stream ...
CVE-2018-18499A same-origin policy violation allowing the theft of cross-origin URL ...
CVE-2018-18498A potential vulnerability leading to an integer overflow can occur dur ...
CVE-2018-18494A same-origin policy violation allowing the theft of cross-origin URL ...
CVE-2018-18493A buffer overflow can occur in the Skia library during buffer offset c ...
CVE-2018-18492A use-after-free vulnerability can occur after deleting a selection el ...
CVE-2018-18356An integer overflow in path handling lead to a use after free in Skia ...
CVE-2018-18335Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 al ...
CVE-2018-17466Incorrect texture handling in Angle in Google Chrome prior to 70.0.353 ...
CVE-2018-12405Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-12393A potential vulnerability was found in 32-bit builds where an integer ...
CVE-2018-12392When manipulating user events in nested loops while opening a document ...
CVE-2018-12391During HTTP Live Stream playback on Firefox for Android, audio data ca ...
CVE-2018-12390Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-12389Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-12385A potentially exploitable crash in TransportSecurityInfo used for SSL ...
CVE-2018-12383If a user saved passwords before Firefox 58 and then later set a maste ...
CVE-2018-12379When the Mozilla Updater opens a MAR format file which contains a very ...
CVE-2018-12378A use-after-free vulnerability can occur when an IndexedDB index is de ...
CVE-2018-12377A use-after-free vulnerability can occur when refresh driver timers ar ...
CVE-2018-12376Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of ...
CVE-2018-12374Plaintext of decrypted emails can leak through by user submitting an e ...
CVE-2018-12373dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can ...
CVE-2018-12372Decrypted S/MIME parts, when included in HTML crafted for an attack, c ...
CVE-2018-12371An integer overflow vulnerability in the Skia library when allocating ...
CVE-2018-12368Windows 10 does not warn users before opening executable files with th ...
CVE-2018-12367In the previous mitigations for Spectre, the resolution or precision o ...
CVE-2018-12366An invalid grid size during QCMS (color profile) transformations can r ...
CVE-2018-12365A compromised IPC child process can escape the content sandbox and lis ...
CVE-2018-12364NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin r ...
CVE-2018-12363A use-after-free vulnerability can occur when script uses mutation eve ...
CVE-2018-12362An integer overflow can occur during graphics operations done by the S ...
CVE-2018-12361An integer overflow can occur in the SwizzleData code while calculatin ...
CVE-2018-12360A use-after-free vulnerability can occur when deleting an input elemen ...
CVE-2018-12359A buffer overflow can occur when rendering canvas content while adjust ...
CVE-2018-5188Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ...
CVE-2018-5187Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of t ...
CVE-2018-5185Plaintext of decrypted emails can leak through by user submitting an e ...
CVE-2018-5184Using remote content in encrypted messages can lead to the disclosure ...
CVE-2018-5183Mozilla developers backported selected changes in the Skia library. Th ...
CVE-2018-5178A buffer overflow was found during UTF8 to Unicode string conversion w ...
CVE-2018-5174In the Windows 10 April 2018 Update, Windows Defender SmartScreen hono ...
CVE-2018-5170It is possible to spoof the filename of an attachment and display an a ...
CVE-2018-5168Sites can bypass security checks on permissions to install lightweight ...
CVE-2018-5162Plaintext of decrypted emails can leak through the src attribute of re ...
CVE-2018-5161Crafted message headers can cause a Thunderbird process to hang on rec ...
CVE-2018-5159An integer overflow can occur in the Skia library due to 32-bit intege ...
CVE-2018-5156A vulnerability can occur when capturing a media stream when the media ...
CVE-2018-5155A use-after-free vulnerability can occur while adjusting layout during ...
CVE-2018-5154A use-after-free vulnerability can occur while enumerating attributes ...
CVE-2018-5150Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and ...
CVE-2018-5146An out of bounds memory write while processing Vorbis audio data was r ...
CVE-2018-5145Memory safety bugs were reported in Firefox ESR 52.6. These bugs showe ...
CVE-2018-5144An integer overflow can occur during conversion of text to some Unicod ...
CVE-2018-5129A lack of parameter validation on IPC messages results in a potential ...
CVE-2018-5127A buffer overflow can occur when manipulating the SVG "animatedPathSeg ...
CVE-2018-5125Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. S ...
CVE-2018-5117If right-to-left text is used in the addressbar with left-to-right ali ...
CVE-2018-5104A use-after-free vulnerability can occur during font face manipulation ...
CVE-2018-5103A use-after-free vulnerability can occur during mouse event handling d ...
CVE-2018-5102A use-after-free vulnerability can occur when manipulating HTML media ...
CVE-2018-5099A use-after-free vulnerability can occur when the widget listener is h ...
CVE-2018-5098A use-after-free vulnerability can occur when form input elements, foc ...
CVE-2018-5097A use-after-free vulnerability can occur during XSL transformations wh ...
CVE-2018-5096A use-after-free vulnerability can occur while editing events in form ...
CVE-2018-5095An integer overflow vulnerability in the Skia library when allocating ...
CVE-2018-5089Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. S ...
CVE-2017-16541Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to ...
CVE-2017-7848RSS fields can inject new lines into the created email structure, modi ...
CVE-2017-7847Crafted CSS in an RSS feed can leak and reveal local path strings, whi ...
CVE-2017-7846It is possible to execute JavaScript in the parsed RSS feed when RSS f ...
CVE-2017-7845A buffer overflow occurs when drawing and validating elements using Di ...
CVE-2017-7830The Resource Timing API incorrectly revealed navigations in cross-orig ...
CVE-2017-7829It is possible to spoof the sender's email address and display an arbi ...
CVE-2017-7828A use-after-free vulnerability can occur when flushing and resizing la ...
CVE-2017-7826Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. S ...
CVE-2017-7824A buffer overflow occurs when drawing and validating elements with the ...
CVE-2017-7823The content security policy (CSP) "sandbox" directive did not create a ...
CVE-2017-7819A use-after-free vulnerability can occur in design mode when image obj ...
CVE-2017-7818A use-after-free vulnerability can occur when manipulating arrays of A ...
CVE-2017-7814File downloads encoded with "blob:" and "data:" URL elements bypassed ...
CVE-2017-7810Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. S ...
CVE-2017-7805During TLS 1.2 exchanges, handshake hashes are generated which point t ...
CVE-2017-7793A use-after-free vulnerability can occur in the Fetch API when the wor ...
CVE-2016-5824libical 1.0 allows remote attackers to cause a denial of service (use- ...
CVE-2006-4571Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunde ...
CVE-2006-4570Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "L ...
CVE-2006-4569The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked ...
CVE-2006-4568Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remot ...
CVE-2006-4567Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it ...
CVE-2006-4566Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMon ...
CVE-2006-4565Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderb ...
CVE-2006-4340Mozilla Network Security Service (NSS) library before 3.11.3, as used ...
CVE-2006-4253Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allow ...
CVE-2006-3812Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3811Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbir ...
CVE-2006-3810Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before ...
CVE-2006-3809Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3808Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remot ...
CVE-2006-3807Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3806Multiple integer overflows in the Javascript engine in Mozilla Firefox ...
CVE-2006-3805The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird b ...
CVE-2006-3804Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and S ...
CVE-2006-3803Race condition in the JavaScript garbage collection in Mozilla Firefox ...
CVE-2006-3802Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3801Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not ...
CVE-2006-3677Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ...
CVE-2006-3113Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and Se ...
CVE-2006-2787EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows ...
CVE-2006-2786HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbi ...
CVE-2006-2783Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte- ...
CVE-2006-2781Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before ...
CVE-2006-2780Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 all ...
CVE-2006-2779Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers ...
CVE-2006-2778The crypto.signText function in Mozilla Firefox and Thunderbird before ...
CVE-2006-2776Certain privileged UI code in Mozilla Firefox and Thunderbird before 1 ...
CVE-2006-2775Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attribut ...
CVE-2006-1942Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Ne ...
CVE-2006-1790A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to c ...
CVE-2006-1742The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1. ...
CVE-2006-1741Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ...
CVE-2006-1740Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ...
CVE-2006-1739The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x b ...
CVE-2006-1738Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...
CVE-2006-1737Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and ...
CVE-2006-1735Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1734Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1733Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1732Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...
CVE-2006-1731Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1730Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 ...
CVE-2006-1728Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...
CVE-2006-1727Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...
CVE-2006-1726Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0. ...
CVE-2006-1724Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1 ...
CVE-2006-1723Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...
CVE-2006-1531Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...
CVE-2006-1530Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...
CVE-2006-1529Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...
CVE-2006-1045The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block load ...
CVE-2006-0884The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbi ...
CVE-2006-0749nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1. ...
CVE-2006-0748Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1. ...
CVE-2006-0299The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...
CVE-2006-0298The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before ...
CVE-2006-0297Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if ...
CVE-2006-0296The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, a ...
CVE-2006-0295Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, ...
CVE-2006-0294Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript ...
CVE-2006-0292The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before ...
CVE-2005-2353run-mozilla.sh in Thunderbird, with debugging enabled, allows local us ...

Security announcements

DSA / DLADescription
DLA-3969-1thunderbird - security update
DSA-5821-1thunderbird - security update
DLA-3960-1thunderbird - security update
DSA-5814-1thunderbird - security update
DSA-5803-1thunderbird - security update
DLA-3944-1thunderbird - security update
DSA-5789-1thunderbird - security update
DLA-3916-1thunderbird - security update
DLA-3882-1thunderbird - security update
DSA-5767-1thunderbird - security update
DSA-5744-1thunderbird - security update
DSA-5733-1thunderbird - security update
DLA-3836-1thunderbird - security update
DSA-5711-1thunderbird - security update
DLA-3817-1thunderbird - security update
DSA-5693-1thunderbird - security update
DSA-5670-1thunderbird - security update
DLA-3791-1thunderbird - security update
DLA-3769-1thunderbird - security update
DSA-5644-1thunderbird - security update
DLA-3748-1thunderbird - security update
DSA-5630-1thunderbird - security update
DLA-3720-1thunderbird - security update
DSA-5605-1thunderbird - security update
DLA-3698-1thunderbird - security update
DSA-5582-1thunderbird - security update
DLA-3674-1thunderbird - security update
DSA-5566-1thunderbird - security update
DLA-3637-1thunderbird - security update
DSA-5538-1thunderbird - security update
DLA-3601-1thunderbird - security update
DSA-5513-1thunderbird - security update
DLA-3569-1thunderbird - security update
DSA-5498-1thunderbird - security update
DLA-3554-1thunderbird - security update
DSA-5488-1thunderbird - security update
DLA-3521-1thunderbird - security update
DSA-5469-1thunderbird - security update
DLA-3510-1thunderbird - security update
DSA-5463-1thunderbird - security update
DLA-3490-1thunderbird - security update
DSA-5451-1thunderbird - security update
DLA-3452-1thunderbird - security update
DSA-5423-1thunderbird - security update
DLA-3421-1thunderbird - security update
DSA-5403-1thunderbird - security update
DLA-3400-1thunderbird - security update
DSA-5392-1thunderbird - security update
DLA-3365-1thunderbird - security update
DSA-5375-1thunderbird - security update
DLA-3324-1thunderbird - security update
DSA-5355-1thunderbird - security update
DSA-5303-1thunderbird - security update
DLA-3242-1thunderbird - security update
DSA-5284-1thunderbird - security update
DLA-3196-1thunderbird - security update
DLA-3170-1thunderbird - security update
DSA-5262-1thunderbird - security update
DSA-5238-1thunderbird - security update
DLA-3123-1thunderbird - security update
DLA-3097-1thunderbird - security update
DSA-5221-1thunderbird - security update
DSA-5195-1thunderbird - security update
DSA-5175-1thunderbird - security update
DSA-5158-1thunderbird - security update
DLA-3041-1thunderbird - security update
DLA-3020-1thunderbird - security update
DSA-5141-1thunderbird - security update
DLA-2978-1thunderbird - security update
DSA-5118-1thunderbird - security update
DLA-2961-1thunderbird - security update
DSA-5106-1thunderbird - security update
DLA-2939-1thunderbird - security update
DSA-5094-1thunderbird - security update
DLA-2930-1thunderbird - security update
DSA-5086-1thunderbird - security update
DLA-2921-1thunderbird - security update
DSA-5074-1thunderbird - security update
DLA-2881-1thunderbird - security update
DSA-5045-1thunderbird - security update
DLA-2874-1thunderbird - security update
DSA-5034-1thunderbird - security update
DLA-2757-1thunderbird - security update
DSA-4973-1thunderbird - security update
DLA-2745-1thunderbird - security update
DSA-4959-1thunderbird - security update
DLA-2711-1thunderbird - security update
DSA-4940-1thunderbird - security update
DLA-2679-1thunderbird - security update
DSA-4927-1thunderbird - security update
DSA-4897-1thunderbird - security update
DLA-2632-1thunderbird - security update
DLA-2609-1thunderbird - security update
DSA-4876-1thunderbird - security update
DLA-2578-1thunderbird - security update
DSA-4866-1thunderbird - security update
DLA-2541-1thunderbird - security update
DSA-4842-1thunderbird - security update
DSA-4815-1thunderbird - security update
DLA-2497-1thunderbird - security update
DLA-2479-1thunderbird - security update
DSA-4802-1thunderbird - security update
DLA-2464-1thunderbird - security update
DSA-4796-1thunderbird - security update
DLA-2449-1thunderbird - security update
DSA-4790-1thunderbird - security update
DLA-2416-1thunderbird - security update
DSA-4780-1thunderbird - security update
DLA-2408-1thunderbird - security update
DSA-4770-1thunderbird - security update
DLA-2360-1thunderbird - security update
DSA-4754-1thunderbird - security update
DSA-4740-1thunderbird - security update
DLA-2310-1thunderbird - security update
DSA-4718-1thunderbird - security update
DLA-2247-1thunderbird - security update
DSA-4702-1thunderbird - security update
DLA-2206-1thunderbird - security update
DSA-4683-1thunderbird - security update
DLA-2172-1thunderbird - security update
DSA-4656-1thunderbird - security update
DLA-2150-1thunderbird - security update
DSA-4642-1thunderbird - security update
DLA-2104-1thunderbird - security update
DSA-4625-1thunderbird - security update
DLA-2071-1thunderbird - security update
DSA-4603-1thunderbird - security update
DLA-2036-1thunderbird - security update
DSA-4585-1thunderbird - security update
DLA-1997-1thunderbird - security update
DSA-4571-1thunderbird - security update
DLA-1926-1thunderbird - security update
DSA-4523-1thunderbird - security update
DLA-1870-1thunderbird - security update
DSA-4482-1thunderbird - security update
DLA-1836-1thunderbird - security update
DSA-4471-1thunderbird - security update
DLA-1820-1thunderbird - security update
DSA-4464-1thunderbird - security update
DLA-1806-1thunderbird - security update
DSA-4451-1thunderbird - security update
DLA-1743-1thunderbird - security update
DSA-4420-1thunderbird - security update
DSA-4392-1thunderbird - security update
DLA-1678-1thunderbird - security update
DLA-1624-1thunderbird - security update
DSA-4362-1thunderbird - security update
DLA-1575-1thunderbird - security update
DSA-4337-1thunderbird - security update
DSA-4327-1thunderbird - security update
DSA-4295-1thunderbird - security update
DLA-1425-1thunderbird - security update
DSA-4244-1thunderbird - security update
DSA-4209-1thunderbird - security update
DLA-1382-1thunderbird - security update
DLA-1327-1thunderbird - security update
DSA-4155-1thunderbird - security update
DSA-4102-1thunderbird - security update
DLA-1262-1thunderbird - security update
DSA-4075-1thunderbird - security update
DLA-1223-1thunderbird - security update
DSA-4061-1thunderbird - security update
DLA-1199-1thunderbird - security update
DSA-4014-1thunderbird - security update
DLA-1153-1thunderbird - security update

Search for package or bug name: Reporting problems