Mozilla Thunderbird vulnerabilities

1,818 known vulnerabilities affecting mozilla/thunderbird.

Total CVEs: 1,818
CISA KEV: 14 (actively exploited)
Public exploits: 58
Exploited in wild: 18
Severity breakdown: CRITICAL 612, HIGH 551, MEDIUM 626, LOW 29

Vulnerabilities

Page 26 of 91
CVE-2023-29533 | MEDIUM | CVSS 4.3 | fixed in 102.10 | ≥ unspecified, < 102.10 | 2023-06-02
CVE-2023-29533 [MEDIUM]: A website could have obscured the fullscreen notification by using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thun
Sources: cvelistv5, nvd, osv
CVE-2023-1945 | MEDIUM | CVSS 6.5 | fixed in 102.10 | ≥ unspecified, < 102.10 | 2023-06-02
CVE-2023-1945 [MEDIUM] CWE-787: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10.
Sources: cvelistv5, nvd, osv
CVE-2023-32206 | MEDIUM | CVSS 6.5 | fixed in 102.11 | ≥ unspecified, < 102.11 | 2023-06-02
CVE-2023-32206 [MEDIUM] CWE-125: An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Sources: cvelistv5, nvd, osv
CVE-2023-32211 | MEDIUM | CVSS 6.5 | fixed in 102.11 | ≥ unspecified, < 102.11 | 2023-06-02
CVE-2023-32211 [MEDIUM]: A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Sources: cvelistv5, nvd, osv
CVE-2023-25751 | MEDIUM | CVSS 6.5 | fixed in 102.9 | ≥ unspecified, < 102.9 | 2023-06-02
CVE-2023-25751 [MEDIUM]: Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Sources: cvelistv5, nvd, osv
CVE-2023-0616 | MEDIUM | CVSS 6.5 | fixed in 102.8 | ≥ unspecified, < 102.8 | 2023-06-02
CVE-2023-0616 [MEDIUM] CWE-400: If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way, Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. This vulnerability affec
Sources: cvelistv5, nvd, osv
CVE-2023-25730 | MEDIUM | CVSS 5.4 | fixed in 102.8 | ≥ unspecified, < 102.8 | 2023-06-02
CVE-2023-25730 [MEDIUM] CWE-1021: A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Sources: cvelistv5, nvd, osv
CVE-2023-28163 | MEDIUM | CVSS 6.5 | fixed in 102.9 | ≥ unspecified, < 102.10 | 2023-06-02
CVE-2023-28163 [MEDIUM] CWE-22: When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. *This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thu
Sources: cvelistv5, nvd
CVE-2023-23602 | MEDIUM | CVSS 6.5 | fixed in 102.7 | ≥ unspecified, < 102.7 | 2023-06-02
CVE-2023-23602 [MEDIUM] CWE-754: A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.
Sources: cvelistv5, nvd, osv
CVE-2023-0430 | MEDIUM | CVSS 6.5 | ≥ 68.0, < 102.7.1 | ≥ unspecified, < 102.7.1 | 2023-06-02
CVE-2023-0430 [MEDIUM] CWE-295: Certificate OCSP revocation status was not checked when verifying S/MIME signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird < 102.7.1.
Sources: cvelistv5, nvd, osv
CVE-2023-29479 | MEDIUM | CVSS 5.3 | ≥ 0, < 1:102.10.0-1~deb11u1 | ≥ 0, < 1:102.10.0-1 | 2023-04-24
CVE-2023-29479 [MEDIUM]: Ribose RNP before 0.16.3 may hang when the input is malformed.
Sources: osv
CVE-2023-28427 | HIGH | CVSS 8.2 | ≥ 0, < 1:102.10.0-1~deb11u1 | ≥ 0, < 1:102.9.1-1 | 2023-03-28
CVE-2023-28427 [HIGH]: matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding o
Sources: osv
CVE-2022-36059 | MEDIUM | CVSS 5.3 | ≥ 0, < 1:102.2.1-1 | 2023-03-28
CVE-2022-36059 [MEDIUM]: matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding
Sources: osv
CVE-2023-25152 | HIGH | CVSS 8.8 | ≥ 0, < 1:102.9.0+build1-0ubuntu0.18.04.1 | ≥ 0, < 1:102.9.0+build1-0ubuntu0.20.04.1 | +1 more | 2023-03-27
CVE-2023-25152 [HIGH] thunderbird vulnerabilities: Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-25152, CVE-2023-28162, CVE-2023-28176) Lukas Bernhard discovered that Thunderbird did
Sources: osv
CVE-2021-43529 | CRITICAL | CVSS 9.8 | fixed in 91.3.0 | 2023-02-16
CVE-2021-43529 [CRITICAL]: Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.
Sources: cvelistv5, nvd, osv
CVE-2021-4129 | CRITICAL | CVSS 9.8 | fixed in 91.4.0 | ≥ unspecified, < 91.4.0 | 2022-12-22
CVE-2021-4129 [CRITICAL] CWE-787: Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Thi
Sources: cvelistv5, nvd, osv
CVE-2021-4140 | CRITICAL | CVSS 10.0 | fixed in 91.5 | ≥ unspecified, < 91.5 | 2022-12-22
CVE-2021-4140 [CRITICAL] CWE-91: It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Sources: cvelistv5, nvd, osv
CVE-2022-26486 | CRITICAL | CVSS 9.6 | KEV | fixed in 91.6.2 | ≥ unspecified, < 91.6.2 | 2022-12-22
CVE-2022-26486 [CRITICAL] CWE-416: An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Sources: cvelistv5, nvd, osv
CVE-2022-29917 | CRITICAL | CVSS 9.8 | fixed in 91.9 | ≥ unspecified, < 91.9 | 2022-12-22
CVE-2022-29917 [CRITICAL] CWE-787: Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affect
Sources: cvelistv5, nvd, osv
CVE-2022-31736 | CRITICAL | CVSS 9.8 | fixed in 91.10 | ≥ unspecified, < 91.10 | 2022-12-22
CVE-2022-31736 [CRITICAL] CWE-942: A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Sources: cvelistv5, nvd, osv