exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 9

CVE-2025-3932

около 1 месяца назад

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.

CVSS3: 6.5

EPSS: Низкий

CVE-2025-3932

около 1 месяца назад

CVSS3: 6.5

EPSS: Низкий

CVE-2025-3932

около 1 месяца назад

CVSS3: 6.5

EPSS: Низкий

CVE-2025-3932

около 1 месяца назад

It was possible to craft an email that showed a tracking link as an at ...

CVSS3: 6.5

EPSS: Низкий

GHSA-jfxg-6gv4-f2gh

около 1 месяца назад

CVSS3: 7.5

EPSS: Низкий

SUSE-SU-2025:01660-2

21 день назад

Security update for MozillaThunderbird

EPSS: Низкий

SUSE-SU-2025:01660-1

28 дней назад

Security update for MozillaThunderbird

EPSS: Низкий

ELSA-2025-8203

24 дня назад

ELSA-2025-8203: thunderbird security update (IMPORTANT)

EPSS: Низкий

ELSA-2025-8756

10 дней назад

ELSA-2025-8756: thunderbird security update (IMPORTANT)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-3932 It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.	CVSS3: 6.5	0% Низкий	около 1 месяца назад
CVE-2025-3932 It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.	CVSS3: 6.5	0% Низкий	около 1 месяца назад
CVE-2025-3932 It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.	CVSS3: 6.5	0% Низкий	около 1 месяца назад
CVE-2025-3932 It was possible to craft an email that showed a tracking link as an at ...	CVSS3: 6.5	0% Низкий	около 1 месяца назад
GHSA-jfxg-6gv4-f2gh It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.	CVSS3: 7.5	0% Низкий	около 1 месяца назад
SUSE-SU-2025:01660-2 Security update for MozillaThunderbird			21 день назад
SUSE-SU-2025:01660-1 Security update for MozillaThunderbird			28 дней назад
ELSA-2025-8203 ELSA-2025-8203: thunderbird security update (IMPORTANT)			24 дня назад
ELSA-2025-8756 ELSA-2025-8756: thunderbird security update (IMPORTANT)			10 дней назад

Уязвимостей на страницу