Vulnerabilities > Mozilla > Thunderbird > 115.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-20 | CVE-2024-1550 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. | 6.1 |
| 2024-02-20 | CVE-2024-1552 | Incorrect Conversion between Numeric Types vulnerability in multiple products Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. | 7.5 |
| 2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity webmproject microsoft mozilla fedoraproject debian apple google redhat CWE-787 | 8.8 |