thunderbird vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the thunderbird package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L CVE-2024-3864	<0:115.10.0-2.el8_9.alma.1
L CVE-2024-3861	<0:115.10.0-2.el8_9.alma.1
L CVE-2024-3859	<0:115.10.0-2.el8_9.alma.1
L CVE-2024-3857	<0:115.10.0-2.el8_9.alma.1
L CVE-2024-3854	<0:115.10.0-2.el8_9.alma.1
L CVE-2024-3852	<0:115.10.0-2.el8_9.alma.1
L CVE-2024-3302	<0:115.10.0-2.el8_9.alma.1
L CVE-2024-2609	<0:115.10.0-2.el8_9.alma.1
M CVE-2024-2614	<0:115.9.0-1.el8_9.alma.1
M CVE-2024-2612	<0:115.9.0-1.el8_9.alma.1
M CVE-2024-2611	<0:115.9.0-1.el8_9.alma.1
M CVE-2024-2610	<0:115.9.0-1.el8_9.alma.1
M CVE-2024-2608	<0:115.9.0-1.el8_9.alma.1
M CVE-2024-2607	<0:115.9.0-1.el8_9.alma.1
M CVE-2024-1936	<0:115.9.0-1.el8_9.alma.1
M Unchecked Return Value	<0:115.9.0-1.el8_9.alma.1
M CVE-2023-5388	<0:115.9.0-1.el8_9.alma.1
H CVE-2024-1553	<0:115.8.0-1.el8_9.alma
H CVE-2024-1552	<0:115.8.0-1.el8_9.alma
H CVE-2024-1551	<0:115.8.0-1.el8_9.alma
H CVE-2024-1550	<0:115.8.0-1.el8_9.alma
H CVE-2024-1549	<0:115.8.0-1.el8_9.alma
H CVE-2024-1548	<0:115.8.0-1.el8_9.alma
H CVE-2024-1547	<0:115.8.0-1.el8_9.alma
H CVE-2024-1546	<0:115.8.0-1.el8_9.alma
H CVE-2024-0755	<0:115.7.0-1.el8_9.alma.1
H CVE-2024-0753	<0:115.7.0-1.el8_9.alma.1
H Improper Privilege Management	<0:115.7.0-1.el8_9.alma.1
H CVE-2024-0750	<0:115.7.0-1.el8_9.alma.1
H Origin Validation Error	<0:115.7.0-1.el8_9.alma.1
H CVE-2024-0747	<0:115.7.0-1.el8_9.alma.1
H CVE-2024-0746	<0:115.7.0-1.el8_9.alma.1
H CVE-2024-0742	<0:115.7.0-1.el8_9.alma.1
H Out-of-bounds Write	<0:115.7.0-1.el8_9.alma.1
H Out-of-bounds Write	<0:115.6.0-1.el8_9.alma
H CVE-2023-6863	<0:115.6.0-1.el8_9.alma
H Use After Free	<0:115.6.0-1.el8_9.alma
H Out-of-bounds Write	<0:115.6.0-1.el8_9.alma
H CVE-2023-6860	<0:115.6.0-1.el8_9.alma
H Use After Free	<0:115.6.0-1.el8_9.alma
H Out-of-bounds Write	<0:115.6.0-1.el8_9.alma
H Race Condition	<0:115.6.0-1.el8_9.alma
H Out-of-bounds Write	<0:115.6.0-1.el8_9.alma
H CVE-2023-50762	<0:115.6.0-1.el8_9.alma
H CVE-2023-50761	<0:115.6.0-1.el8_9.alma
H Out-of-bounds Write	<0:115.5.0-1.el8_9.alma.plus
H Directory Traversal	<0:115.5.0-1.el8_9.alma.plus
H CVE-2023-6208	<0:115.5.0-1.el8_9.alma.plus
H Use After Free	<0:115.5.0-1.el8_9.alma.plus
H Improper Restriction of Rendered UI Layers or Frames	<0:115.5.0-1.el8_9.alma.plus
H Use After Free	<0:115.5.0-1.el8_9.alma.plus
H Out-of-bounds Read	<0:115.5.0-1.el8_9.alma.plus
H CVE-2023-5732	<0:115.4.1-1.el8_8.alma.plus
H Out-of-bounds Write	<0:115.4.1-1.el8_8.alma.plus
H CVE-2023-5728	<0:115.4.1-1.el8_8.alma.plus
H CVE-2023-5725	<0:115.4.1-1.el8_8.alma.plus
H CVE-2023-5724	<0:115.4.1-1.el8_8.alma.plus
H Improper Restriction of Rendered UI Layers or Frames	<0:115.4.1-1.el8_8.alma.plus
H Improper Handling of Exceptional Conditions	<0:115.4.1-1.el8_8.alma.plus
H Out-of-bounds Write	<0:102.15.1-1.el8_8.alma
H Out-of-bounds Write	<0:102.15.0-1.el8_8.alma
H Out-of-bounds Write	<0:102.15.0-1.el8_8.alma
H CVE-2023-4583	<0:102.15.0-1.el8_8.alma
H CVE-2023-4581	<0:102.15.0-1.el8_8.alma
H Missing Encryption of Sensitive Data	<0:102.15.0-1.el8_8.alma
H Allocation of Resources Without Limits or Throttling	<0:102.15.0-1.el8_8.alma
H CVE-2023-4577	<0:102.15.0-1.el8_8.alma
H Use After Free	<0:102.15.0-1.el8_8.alma
H Use After Free	<0:102.15.0-1.el8_8.alma
H Use After Free	<0:102.15.0-1.el8_8.alma
H Link Following	<0:102.15.0-1.el8_8.alma
H CVE-2023-4051	<0:102.15.0-1.el8_8.alma
H CVE-2023-3417	<0:102.14.0-1.el8_8.alma.plus
H Out-of-bounds Write	<0:102.14.0-1.el8_8.alma.plus
H Out-of-bounds Write	<0:102.14.0-1.el8_8.alma.plus
H CVE-2023-4055	<0:102.14.0-1.el8_8.alma.plus
H Out-of-bounds Write	<0:102.14.0-1.el8_8.alma.plus
H Race Condition	<0:102.14.0-1.el8_8.alma.plus
H Out-of-bounds Read	<0:102.14.0-1.el8_8.alma.plus
H CVE-2023-4047	<0:102.14.0-1.el8_8.alma.plus
H CVE-2023-4046	<0:102.14.0-1.el8_8.alma.plus
H Origin Validation Error	<0:102.14.0-1.el8_8.alma.plus
H Out-of-bounds Write	<0:102.13.0-2.el8_8.alma.plus
H CVE-2023-37208	<0:102.13.0-2.el8_8.alma.plus
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<0:102.13.0-2.el8_8.alma.plus
H Use After Free	<0:102.13.0-2.el8_8.alma.plus
H Use After Free	<0:102.13.0-2.el8_8.alma.plus
H Out-of-bounds Write	<0:102.12.0-1.el8_8.alma
H Improper Certificate Validation	<0:102.12.0-1.el8_8.alma
H Out-of-bounds Write	<0:102.5.0-2.el8_7.alma.plus
H Improper Restriction of Rendered UI Layers or Frames	<0:102.5.0-2.el8_7.alma.plus
H Improper Restriction of Rendered UI Layers or Frames	<0:102.5.0-2.el8_7.alma.plus
H Information Exposure	<0:102.5.0-2.el8_7.alma.plus
H Link Following	<0:102.5.0-2.el8_7.alma.plus
H Cross-site Scripting (XSS)	<0:102.5.0-2.el8_7.alma.plus
H CVE-2022-45410	<0:102.5.0-2.el8_7.alma.plus
H Use After Free	<0:102.5.0-2.el8_7.alma.plus
H CVE-2022-45408	<0:102.5.0-2.el8_7.alma.plus
H Use After Free	<0:102.5.0-2.el8_7.alma.plus
H Use After Free	<0:102.5.0-2.el8_7.alma.plus
H CVE-2022-45404	<0:102.5.0-2.el8_7.alma.plus
H Information Exposure	<0:102.5.0-2.el8_7.alma.plus
H Resource Exhaustion	<0:102.8.0-2.el8_7.alma
H Out-of-bounds Write	<0:91.7.0-2.el8_5.alma.plus
H Out-of-bounds Write	<0:102.7.1-1.el8_7.alma
H CVE-2023-23603	<0:102.7.1-1.el8_7.alma
H Improper Check for Unusual or Exceptional Conditions	<0:102.7.1-1.el8_7.alma
H Origin Validation Error	<0:102.7.1-1.el8_7.alma
H Improper Encoding or Escaping of Output	<0:102.7.1-1.el8_7.alma
H CVE-2023-23598	<0:102.7.1-1.el8_7.alma
H CVE-2022-46877	<0:102.7.1-1.el8_7.alma
H CVE-2022-46871	<0:102.7.1-1.el8_7.alma
H CVE-2022-36319	<0:91.12.0-1.el8_6.alma
H Race Condition	<0:91.12.0-1.el8_6.alma
H Out-of-bounds Write	<0:91.12.0-1.el8_6.alma
H Improper Certificate Validation	<0:91.8.0-1.el8_5.alma
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:102.3.0-3.el8_6.alma
H Improper Restriction of Rendered UI Layers or Frames	<0:102.3.0-3.el8_6.alma
H Cross-site Scripting (XSS)	<0:102.3.0-3.el8_6.alma
H Externally Controlled Reference to a Resource in Another Sphere	<0:102.3.0-3.el8_6.alma
H CVE-2022-45414	<0:102.6.0-2.el8_7.alma
H Improper Restriction of Rendered UI Layers or Frames	<0:91.4.0-2.el8_5.alma.plus
H Excessive Iteration	<0:91.4.0-2.el8_5.alma.plus
H Cross-site Scripting (XSS)	<0:91.4.0-2.el8_5.alma.plus
H Information Exposure	<0:91.4.0-2.el8_5.alma.plus
H CVE-2021-43541	<0:91.4.0-2.el8_5.alma.plus
H Use After Free	<0:91.4.0-2.el8_5.alma.plus
H Race Condition	<0:91.4.0-2.el8_5.alma.plus
H Incorrect Type Conversion or Cast	<0:91.4.0-2.el8_5.alma.plus
H Information Exposure	<0:91.4.0-2.el8_5.alma.plus
H Improper Privilege Management	<0:91.4.0-2.el8_5.alma.plus
H Improper Authentication	<0:102.4.0-1.el8_6.alma
H Improper Authentication	<0:102.4.0-1.el8_6.alma
H Improper Authentication	<0:102.4.0-1.el8_6.alma
H CVE-2022-39236	<0:102.4.0-1.el8_6.alma
H Use After Free	<0:102.6.0-2.el8_7.alma
H Out-of-bounds Write	<0:102.6.0-2.el8_7.alma
H Use After Free	<0:102.6.0-2.el8_7.alma
H Out-of-bounds Write	<0:102.6.0-2.el8_7.alma
H CVE-2022-46874	<0:102.6.0-2.el8_7.alma
H CVE-2022-46872	<0:102.6.0-2.el8_7.alma
H CVE-2023-29550	<0:102.10.0-2.el8_7.alma
H CVE-2023-29548	<0:102.10.0-2.el8_7.alma
H Improper Encoding or Escaping of Output	<0:102.10.0-2.el8_7.alma
H NULL Pointer Dereference	<0:102.10.0-2.el8_7.alma
H Use After Free	<0:102.10.0-2.el8_7.alma
H CVE-2023-29535	<0:102.10.0-2.el8_7.alma
H CVE-2023-29533	<0:102.10.0-2.el8_7.alma
H Resource Exhaustion	<0:102.10.0-2.el8_7.alma
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:102.10.0-2.el8_7.alma
H Out-of-bounds Write	<0:102.10.0-2.el8_7.alma
H Improper Certificate Validation	<0:102.10.0-2.el8_7.alma
H CVE-2022-29913	<0:91.9.0-3.el8_5.alma
H CVE-2022-1520	<0:91.9.0-3.el8_5.alma
H Out-of-bounds Write	<0:102.4.0-1.el8_6.alma
H CVE-2022-42929	<0:102.4.0-1.el8_6.alma
H NULL Pointer Dereference	<0:102.4.0-1.el8_6.alma
H Origin Validation Error	<0:102.4.0-1.el8_6.alma
C Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:91.9.1-1.el8_6.alma
C Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<0:91.9.1-1.el8_6.alma
H Out-of-bounds Write	<0:102.8.0-2.el8_7.alma
H Out-of-bounds Write	<0:102.8.0-2.el8_7.alma
H Authentication Bypass	<0:102.8.0-2.el8_7.alma
H CVE-2023-25742	<0:102.8.0-2.el8_7.alma
H Use After Free	<0:102.8.0-2.el8_7.alma
H CVE-2023-25737	<0:102.8.0-2.el8_7.alma
H Use After Free	<0:102.8.0-2.el8_7.alma
H Out-of-bounds Write	<0:102.8.0-2.el8_7.alma
H CVE-2023-25730	<0:102.8.0-2.el8_7.alma
H CVE-2023-25729	<0:102.8.0-2.el8_7.alma
H CVE-2023-25728	<0:102.8.0-2.el8_7.alma
H Improper Certificate Validation	<0:102.7.1-2.el8_7.alma.plus
H Out-of-bounds Write	<0:91.5.0-1.el8_5.alma.plus
H CVE-2022-22748	<0:91.5.0-1.el8_5.alma.plus
H Improper Certificate Validation	<0:91.5.0-1.el8_5.alma.plus
H CVE-2022-22745	<0:91.5.0-1.el8_5.alma.plus
H CVE-2022-22743	<0:91.5.0-1.el8_5.alma.plus
H Out-of-bounds Read	<0:91.5.0-1.el8_5.alma.plus
H CVE-2022-22741	<0:91.5.0-1.el8_5.alma.plus
H Use After Free	<0:91.5.0-1.el8_5.alma.plus
H CVE-2022-22739	<0:91.5.0-1.el8_5.alma.plus
H Out-of-bounds Write	<0:91.5.0-1.el8_5.alma.plus
H Race Condition	<0:91.5.0-1.el8_5.alma.plus
H XML Injection	<0:91.5.0-1.el8_5.alma.plus
H Use After Free	<0:102.3.0-4.el8_6.alma
H Out-of-bounds Write	<0:102.9.0-1.el8_7.alma
H CVE-2023-28164	<0:102.9.0-1.el8_7.alma
H Incorrect Type Conversion or Cast	<0:102.9.0-1.el8_7.alma
H CVE-2023-25752	<0:102.9.0-1.el8_7.alma
H CVE-2023-25751	<0:102.9.0-1.el8_7.alma
H Out-of-bounds Write	<0:91.9.0-3.el8_5.alma
H CVE-2022-29916	<0:91.9.0-3.el8_5.alma
H CVE-2022-29914	<0:91.9.0-3.el8_5.alma
H Open Redirect	<0:91.9.0-3.el8_5.alma
H Improper Restriction of Rendered UI Layers or Frames	<0:91.9.0-3.el8_5.alma
H Incorrect Default Permissions	<0:91.9.0-3.el8_5.alma
H Use After Free	<0:91.7.0-2.el8_5.alma.plus
H Use After Free	<0:91.7.0-2.el8_5.alma.plus
H Time-of-check Time-of-use (TOCTOU)	<0:91.7.0-2.el8_5.alma.plus
H CVE-2022-26386	<0:91.7.0-2.el8_5.alma.plus
H CVE-2022-26384	<0:91.7.0-2.el8_5.alma.plus
H CVE-2022-26383	<0:91.7.0-2.el8_5.alma.plus
H Use After Free	<0:91.7.0-2.el8_5.alma.plus
H Out-of-bounds Write	<0:102.3.0-3.el8_6.alma
H Use After Free	<0:102.3.0-3.el8_6.alma
H Insecure Storage of Sensitive Information	<0:102.3.0-3.el8_6.alma
H Arbitrary Code Injection	<0:102.3.0-3.el8_6.alma
H CVE-2022-40957	<0:102.3.0-3.el8_6.alma
H Cross-site Scripting (XSS)	<0:102.3.0-3.el8_6.alma
H Out-of-bounds Write	<0:91.8.0-1.el8_5.alma
H Improper Restriction of Rendered UI Layers or Frames	<0:91.8.0-1.el8_5.alma
H Out-of-bounds Read	<0:91.8.0-1.el8_5.alma
H Use After Free	<0:91.8.0-1.el8_5.alma
H Out-of-bounds Write	<0:91.8.0-1.el8_5.alma
H Inefficient Regular Expression Complexity	<0:91.8.0-1.el8_5.alma
H Use After Free	<0:91.8.0-1.el8_5.alma
H Use After Free	<0:91.8.0-1.el8_5.alma
H Out-of-bounds Write	<0:91.6.0-1.el8_5.alma.plus
H CVE-2022-22763	<0:91.6.0-1.el8_5.alma.plus
H CVE-2022-22761	<0:91.6.0-1.el8_5.alma.plus
H Information Exposure	<0:91.6.0-1.el8_5.alma.plus
H CVE-2022-22759	<0:91.6.0-1.el8_5.alma.plus
H CVE-2022-22756	<0:91.6.0-1.el8_5.alma.plus
H Incorrect Authorization	<0:91.6.0-1.el8_5.alma.plus
H CVE-2023-0767	<0:102.8.0-2.el8_7.alma
H Improper Restriction of Rendered UI Layers or Frames	<0:91.3.0-2.el8_4.alma.plus
H Improper Restriction of Rendered UI Layers or Frames	<0:91.3.0-2.el8_4.alma.plus
H Origin Validation Error	<0:91.3.0-2.el8_4.alma.plus
H Improper Restriction of Rendered UI Layers or Frames	<0:91.3.0-2.el8_4.alma.plus
H Use After Free	<0:91.3.0-2.el8_4.alma.plus
H Incorrect Authorization	<0:91.3.0-2.el8_4.alma.plus
H Integer Overflow or Wraparound	<0:91.7.0-2.el8_5.alma.plus
H Exposure of Resource to Wrong Sphere	<0:91.7.0-2.el8_5.alma.plus
H Improper Encoding or Escaping of Output	<0:91.7.0-2.el8_5.alma.plus
H Out-of-bounds Write	<0:102.11.0-1.el8_7.alma
H Use of Uninitialized Resource	<0:102.11.0-1.el8_7.alma
H CVE-2023-32212	<0:102.11.0-1.el8_7.alma
H CVE-2023-32211	<0:102.11.0-1.el8_7.alma
H Authentication Bypass	<0:102.11.0-1.el8_7.alma
H Out-of-bounds Read	<0:102.11.0-1.el8_7.alma
H CVE-2023-32205	<0:102.11.0-1.el8_7.alma
H Out-of-bounds Write	<0:91.13.0-1.el8_6.alma
H Out-of-bounds Write	<0:91.13.0-1.el8_6.alma
H Use After Free	<0:91.13.0-1.el8_6.alma
H Improper Preservation of Permissions	<0:91.13.0-1.el8_6.alma
H Origin Validation Error	<0:91.13.0-1.el8_6.alma