Количество 11
Количество 11
GHSA-g6gh-87cw-x396
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
CVE-2025-2830
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
CVE-2025-2830
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
CVE-2025-2830
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
CVE-2025-2830
By crafting a malformed file name for an attachment in a multipart mes ...
BDU:2025-06569
Уязвимость почтового клиента Thunderbird, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю раскрыть защищаемую информацию
SUSE-SU-2025:1366-1
Security update for MozillaThunderbird
ROS-20250515-08
Множественные уязвимости thunderbird
ELSA-2025-7435
ELSA-2025-7435: thunderbird security update (IMPORTANT)
ELSA-2025-4649
ELSA-2025-4649: thunderbird security update (IMPORTANT)
ELSA-2025-4229
ELSA-2025-4229: thunderbird security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-g6gh-87cw-x396 By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. | CVSS3: 6.3 | 0% Низкий | 2 месяца назад |
 | CVE-2025-2830 By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. | CVSS3: 6.3 | 0% Низкий | 2 месяца назад |
 | CVE-2025-2830 By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. | CVSS3: 6.1 | 0% Низкий | 2 месяца назад |
 | CVE-2025-2830 By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. | CVSS3: 6.3 | 0% Низкий | 2 месяца назад |
| CVE-2025-2830 By crafting a malformed file name for an attachment in a multipart mes ... | CVSS3: 6.3 | 0% Низкий | 2 месяца назад |
 | BDU:2025-06569 Уязвимость почтового клиента Thunderbird, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю раскрыть защищаемую информацию | CVSS3: 6.3 | 0% Низкий | 2 месяца назад |
 | SUSE-SU-2025:1366-1 Security update for MozillaThunderbird | около 2 месяцев назад | ||
 | ROS-20250515-08 Множественные уязвимости thunderbird | CVSS3: 6.4 | около 1 месяца назад | |
| ELSA-2025-7435 ELSA-2025-7435: thunderbird security update (IMPORTANT) | 29 дней назад | ||
| ELSA-2025-4649 ELSA-2025-4649: thunderbird security update (IMPORTANT) | около 1 месяца назад | ||
| ELSA-2025-4229 ELSA-2025-4229: thunderbird security update (IMPORTANT) | около 2 месяцев назад |
Уязвимостей на страницу