Vulnerabilities > Mozilla > Thunderbird > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-02 | CVE-2023-29548 | Unspecified vulnerability in Mozilla products A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. | 6.5 |
2023-06-02 | CVE-2023-32205 | Unspecified vulnerability in Mozilla Firefox In multiple cases browser prompts could have been obscured by popups controlled by content. | 4.3 |
2023-06-02 | CVE-2023-32206 | Out-of-bounds Read vulnerability in Mozilla Firefox An out-of-bound read could have led to a crash in the RLBox Expat driver. | 6.5 |
2023-06-02 | CVE-2023-32211 | Unspecified vulnerability in Mozilla Firefox A type checking bug would have led to invalid code being compiled. | 6.5 |
2023-06-02 | CVE-2023-32212 | Unspecified vulnerability in Mozilla Firefox An attacker could have positioned a <code>datalist</code> element to obscure the address bar. | 4.3 |
2022-12-22 | CVE-2021-4126 | Unspecified vulnerability in Mozilla Thunderbird When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. | 6.5 |
2022-12-22 | CVE-2022-1097 | Use After Free vulnerability in Mozilla Firefox ESR <code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. | 6.5 |
2022-12-22 | CVE-2022-1196 | Use After Free vulnerability in Mozilla Firefox ESR After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. | 6.5 |
2022-12-22 | CVE-2022-1197 | Improper Certificate Validation vulnerability in Mozilla Thunderbird When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. | 5.4 |
2022-12-22 | CVE-2022-1520 | Unspecified vulnerability in Mozilla Thunderbird When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. | 4.3 |