Количество 11
Количество 11
CVE-2025-1015
The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135.
CVE-2025-1015
The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135.
CVE-2025-1015
The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135.
CVE-2025-1015
The Thunderbird Address Book URI fields contained unsanitized links. T ...
GHSA-w5j5-j57f-hp27
The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7.
BDU:2025-02315
Уязвимость полей адресной книги Address Book URI почтового клиента Thunderbird, Thunderbird ESR, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный JavaScript-код
ROS-20251008-01
Множественные уязвимости thunderbird
RLSA-2025:1292
Important: thunderbird security update
ELSA-2025-1292
ELSA-2025-1292: thunderbird security update (IMPORTANT)
ELSA-2025-1184
ELSA-2025-1184: thunderbird security update (IMPORTANT)
SUSE-SU-2025:0405-1
Security update for MozillaThunderbird
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-1015 The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135. | CVSS3: 5.4 | 30% Средний | 9 месяцев назад |
 | CVE-2025-1015 The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135. | CVSS3: 5.4 | 30% Средний | 9 месяцев назад |
 | CVE-2025-1015 The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135. | CVSS3: 5.4 | 30% Средний | 9 месяцев назад |
| CVE-2025-1015 The Thunderbird Address Book URI fields contained unsanitized links. T ... | CVSS3: 5.4 | 30% Средний | 9 месяцев назад |
| GHSA-w5j5-j57f-hp27 The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7. | CVSS3: 5.4 | 30% Средний | 9 месяцев назад |
 | BDU:2025-02315 Уязвимость полей адресной книги Address Book URI почтового клиента Thunderbird, Thunderbird ESR, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный JavaScript-код | CVSS3: 5.4 | 30% Средний | 9 месяцев назад |
 | ROS-20251008-01 Множественные уязвимости thunderbird | CVSS3: 6.5 | 29 дней назад | |
 | RLSA-2025:1292 Important: thunderbird security update | 9 месяцев назад | ||
| ELSA-2025-1292 ELSA-2025-1292: thunderbird security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2025-1184 ELSA-2025-1184: thunderbird security update (IMPORTANT) | 9 месяцев назад | ||
 | SUSE-SU-2025:0405-1 Security update for MozillaThunderbird | 9 месяцев назад |
Уязвимостей на страницу