Homepage

thunderbird vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the thunderbird package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Use After Free

<0:45.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.8.0-1.0.1.el5_11
  • H
DEPRECATED: Use of Uninitialized Resource

<0:45.8.0-1.0.1.el5_11
  • H
Information Exposure

<0:45.8.0-1.0.1.el5_11
  • H
Error Handling

<0:45.8.0-1.0.1.el5_11
  • H
Information Exposure

<0:45.8.0-1.0.1.el5_11
  • H
Use After Free

<0:45.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.7.0-1.0.1.el5_11
  • H
Use After Free

<0:45.7.0-1.0.1.el5_11
  • H
Use After Free

<0:45.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.7.0-1.0.1.el5_11
  • H
Information Exposure

<0:45.7.0-1.0.1.el5_11
  • H
CVE-2017-5390

<0:45.7.0-1.0.1.el5_11
  • H
Use After Free

<0:45.7.0-1.0.1.el5_11
  • H
Improper Input Validation

<0:45.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.5.0-1.0.1.el5_11
  • H
Security Features

<0:45.6.0-1.0.1.el5_11
  • H
Origin Validation Error

<0:45.6.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.6.0-1.0.1.el5_11
  • H
Improper Access Control

<0:45.6.0-1.0.1.el5_11
  • H
Use After Free

<0:45.5.1-1.0.1.el5_11
  • H
Use After Free

<0:45.6.0-1.0.1.el5_11
  • H
Security Features

<0:45.6.0-1.0.1.el5_11
  • H
Improper Input Validation

<0:45.6.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.4.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:45.2-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
CVE-2016-1960

<0:38.7.0-1.0.1.el5_11
  • H
Improper Data Handling

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
Improper Data Handling

<0:38.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.6.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.6.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.0.1.el5_11
  • H
CVE-2016-1964

<0:38.7.0-1.0.1.el5_11
  • H
Access Restriction Bypass

<0:38.7.0-1.0.1.el5_11
  • H
CVE-2016-1961

<0:38.7.0-1.0.1.el5_11
  • H
CVE-2016-1966

<0:38.7.0-1.0.1.el5_11
  • H
Numeric Errors

<0:38.5.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.5.0-1.0.1.el5_11
  • H
Numeric Errors

<0:38.5.0-1.0.1.el5_11
  • H
Information Exposure

<0:38.5.0-1.0.1.el5_11
  • H
Numeric Errors

<0:38.5.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.4.0-1.0.1.el5_11
  • H
Code

<0:38.4.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.4.0-1.0.1.el5_11
  • H
Access Restriction Bypass

<0:38.4.0-1.0.1.el5_11
  • H
Security Features

<0:38.4.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.4.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.4.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Security Features

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.3.0-1.0.1.el5_11
  • H
Information Exposure

<0:38.3.0-1.0.1.el5_11
  • H
CVE-2015-4509

<0:38.3.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:31.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:38.2.0-4.0.1.el5_11
  • H
Out-of-Bounds

<0:38.2.0-4.0.1.el5_11
  • H
Out-of-Bounds

<0:38.2.0-4.0.1.el5_11
  • H
Numeric Errors

<0:38.2.0-4.0.1.el5_11
  • H
CVE-2015-4488

<0:38.2.0-4.0.1.el5_11
  • H
Out-of-Bounds

<0:31.8.0-1.0.1.el5_11
  • H
Cryptographic Issues

<0:31.8.0-1.0.1.el5_11
  • H
Code

<0:31.8.0-1.0.1.el5_11
  • H
Code

<0:31.8.0-1.0.1.el5_11
  • H
Code

<0:31.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:31.8.0-1.0.1.el5_11
  • H
Code

<0:31.8.0-1.0.1.el5_11
  • H
CVE-2015-2731

<0:31.8.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:31.8.0-1.0.1.el5_11
  • H
Code

<0:31.8.0-1.0.1.el5_11
  • H
CVE-2015-2713

<0:31.7.0-1.0.1.el5_11
  • H
CVE-2015-2708

<0:31.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:31.7.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:31.7.0-1.0.1.el5_11
  • H
CVE-2015-0813

<0:31.6.0-1.0.1.el5_11
  • H
CVE-2015-0815

<0:31.6.0-1.0.1.el5_11
  • H
Cross-site Request Forgery (CSRF)

<0:31.6.0-1.0.1.el5_11
  • H
Access Restriction Bypass

<0:31.6.0-1.0.1.el5_11
  • H
Access Restriction Bypass

<0:31.6.0-1.0.1.el5_11
  • H
Out-of-Bounds

<0:31.5.0-1.0.1.el5_11
  • H
CVE-2015-0831

<0:31.5.0-1.0.1.el5_11
  • H
CVE-2015-0836

<0:31.5.0-1.0.1.el5_11
  • H
Information Exposure

<0:31.5.0-1.0.1.el5_11
  • H
CVE-2014-8634

<0:31.4.0-1.0.1.el5_11
  • H
CVE-2014-8639

<0:31.4.0-1.0.1.el5_11
  • H
Cross-site Request Forgery (CSRF)

<0:31.4.0-1.0.1.el5_11
  • H
CVE-2014-1567

<0:24.8.0-1.0.1.el5_10
  • H
Out-of-Bounds

<0:24.8.0-1.0.1.el5_10
  • H
CVE-2014-1518

<0:24.5.0-1.0.1.el5_10
  • H
Out-of-bounds Write

<0:24.5.0-1.0.1.el5_10
  • H
Arbitrary Code Injection

<0:24.7.0-1.0.1.el5_10
  • H
CVE-2014-1547

<0:24.7.0-1.0.1.el5_10
  • H
Arbitrary Code Injection

<0:24.7.0-1.0.1.el5_10
  • H
CVE-2014-1555

<0:24.7.0-1.0.1.el5_10
  • H
CVE-2014-1538

<0:24.6.0-1.0.1.el5_10
  • H
CVE-2014-1541

<0:24.6.0-1.0.1.el5_10
  • H
CVE-2014-1533

<0:24.6.0-1.0.1.el5_10
  • H
Cross-site Scripting (XSS)

<0:24.5.0-1.0.1.el5_10
  • H
Buffer Overflow

<0:24.5.0-1.0.1.el5_10
  • H
Use After Free

<0:24.5.0-1.0.1.el5_10
  • H
Improper Privilege Management

<0:24.5.0-1.0.1.el5_10
  • H
Use After Free

<0:24.5.0-1.0.1.el5_10
  • H
Out-of-bounds Read

<0:24.4.0-1.0.1.el5_10
  • H
Information Exposure

<0:24.4.0-1.0.1.el5_10
  • H
Improper Privilege Management

<0:24.4.0-1.0.1.el5_10
  • H
Improper Privilege Management

<0:24.4.0-1.0.1.el5_10
  • H
Out-of-Bounds

<0:24.4.0-1.0.1.el5_10
  • H
Out-of-bounds Read

<0:24.4.0-1.0.1.el5_10
  • H
Buffer Overflow

<0:24.4.0-1.0.1.el5_10
  • H
Use After Free

<0:24.4.0-1.0.1.el5_10
  • H
Out-of-bounds Write

<0:24.4.0-1.0.1.el5_10
  • H
Out-of-bounds Write

<0:24.4.0-1.0.1.el5_10
  • H
Out-of-bounds Write

<0:24.3.0-2.0.1.el5_10
  • H
CVE-2014-1481

<0:24.3.0-2.0.1.el5_10
  • H
Use After Free

<0:24.3.0-2.0.1.el5_10
  • H
CVE-2014-1477

<0:24.3.0-2.0.1.el5_10
  • H
CVE-2014-1479

<0:24.3.0-2.0.1.el5_10
  • H
Origin Validation Error

<0:24.3.0-2.0.1.el5_10
  • H
Cross-site Scripting (XSS)

<0:24.2.0-2.0.1.el5_10
  • H
Arbitrary Code Injection

<0:24.2.0-2.0.1.el5_10
  • H
Use After Free

<0:24.2.0-2.0.1.el5_10
  • H
Use After Free

<0:24.2.0-2.0.1.el5_10
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:24.2.0-2.0.1.el5_10
  • H
Use After Free

<0:24.2.0-2.0.1.el5_10
  • H
CVE-2013-5609

<0:24.2.0-2.0.1.el5_10
  • H
CVE-2013-5597

<0:17.0.10-1.0.1.el5_10
  • H
CVE-2013-5590

<0:17.0.10-1.0.1.el5_10
  • H
Out-of-Bounds

<0:17.0.10-1.0.1.el5_10
  • H
CVE-2013-5599

<0:17.0.10-1.0.1.el5_10
  • H
Out-of-Bounds

<0:17.0.10-1.0.1.el5_10
  • H
CVE-2013-5601

<0:17.0.10-1.0.1.el5_10
  • H
Out-of-Bounds

<0:17.0.10-1.0.1.el5_10
  • H
CVE-2013-5600

<0:17.0.10-1.0.1.el5_10
  • H
Out-of-Bounds

<0:17.0.9-1.0.1.el5_9
  • H
Out-of-Bounds

<0:17.0.9-1.0.1.el5_9
  • H
Out-of-Bounds

<0:17.0.9-1.0.1.el5_9
  • H
Out-of-Bounds

<0:17.0.9-1.0.1.el5_9
  • H
Out-of-Bounds

<0:17.0.9-1.0.1.el5_9
  • H
Improper Input Validation

<0:17.0.9-1.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.9-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.9-1.0.1.el5_9
  • H
CVE-2013-1701

<0:17.0.8-5.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.8-5.0.1.el5_9
  • H
Cross-site Scripting (XSS)

<0:17.0.8-5.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.8-5.0.1.el5_9
  • H
Improper Input Validation

<0:17.0.8-5.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.8-5.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.7-1.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.7-1.0.1.el5_9
  • H
CVE-2013-1682

<0:17.0.7-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.7-1.0.1.el5_9
  • H
Improper Input Validation

<0:17.0.7-1.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.7-1.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.7-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.7-1.0.1.el5_9
  • H
Out-of-Bounds

<0:17.0.7-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.7-1.0.1.el5_9
  • H
Out-of-Bounds

<0:17.0.6-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.6-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.6-1.0.1.el5_9
  • H
Out-of-Bounds

<0:17.0.6-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.6-1.0.1.el5_9
  • H
Cross-site Scripting (XSS)

<0:17.0.6-1.0.1.el5_9
  • H
Out-of-Bounds

<0:17.0.6-1.0.1.el5_9
  • H
Improper Initialization

<0:17.0.6-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.6-1.0.1.el5_9
  • H
CVE-2013-0801

<0:17.0.6-1.0.1.el5_9
  • H
CVE-2013-0796

<0:17.0.5-1.0.1.el5_9
  • H
Access Restriction Bypass

<0:17.0.5-1.0.1.el5_9
  • H
CVE-2013-0800

<0:17.0.5-1.0.1.el5_9
  • H
CVE-2013-0788

<0:17.0.5-1.0.1.el5_9
  • H
Cross-site Scripting (XSS)

<0:17.0.5-1.0.1.el5_9
  • H
Resource Management Errors

<0:17.0.3-2.0.1.el5_9
  • C
Out-of-bounds Write

<0:17.0.3-1.0.1.el5_9
  • C
CVE-2013-0783

<0:17.0.3-1.0.1.el5_9
  • C
Use After Free

<0:17.0.3-1.0.1.el5_9
  • C
Use After Free

<0:17.0.3-1.0.1.el5_9
  • C
Improper Certificate Validation

<0:17.0.3-1.0.1.el5_9
  • C
CVE-2013-0746

<0:10.0.12-3.0.1.el5_9
  • C
Information Exposure

<0:10.0.12-3.0.1.el5_9
  • C
Use After Free

<0:10.0.12-3.0.1.el5_9
  • C
Use After Free

<0:10.0.12-3.0.1.el5_9
  • C
Arbitrary Code Injection

<0:10.0.12-3.0.1.el5_9
  • C
Use After Free

<0:10.0.12-3.0.1.el5_9
  • C
CVE-2013-0769

<0:10.0.12-3.0.1.el5_9
  • C
Use After Free

<0:10.0.8-1.0.2.el5_8
  • C
Integer Overflow or Wraparound

<0:10.0.12-3.0.1.el5_9
  • C
Use After Free

<0:10.0.12-3.0.1.el5_9
  • C
Use After Free

<0:10.0.8-1.0.2.el5_8
  • C
Improper Authentication

<0:10.0.12-3.0.1.el5_9
  • C
Out-of-bounds Read

<0:10.0.12-3.0.1.el5_9
  • C
Use After Free

<0:10.0.12-3.0.1.el5_9
  • C
Out-of-Bounds

<0:10.0.11-1.0.1.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.0.1.el5_8
  • C
Use After Free

<0:10.0.11-1.0.1.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.0.1.el5_8
  • C
Integer Overflow or Wraparound

<0:10.0.11-1.0.1.el5_8
  • C
Use After Free

<0:10.0.11-1.0.1.el5_8
  • C
Out-of-bounds Write

<0:10.0.11-1.0.1.el5_8
  • C
Use After Free

<0:10.0.11-1.0.1.el5_8
  • C
CVE-2012-5842

<0:10.0.11-1.0.1.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.0.1.el5_8
  • C
Out-of-bounds Write

<0:10.0.11-1.0.1.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.0.1.el5_8
  • C
Use After Free

<0:10.0.11-1.0.1.el5_8
  • C
Use After Free

<0:10.0.11-1.0.1.el5_8
  • C
Out-of-bounds Write

<0:10.0.11-1.0.1.el5_8
  • H
Cross-site Scripting (XSS)

<0:10.0.10-1.0.1.el5_8
  • H
Cross-site Scripting (XSS)

<0:10.0.10-1.0.1.el5_8
  • H
Arbitrary Code Injection

<0:10.0.10-1.0.1.el5_8
  • C
Use After Free

<0:10.0.8-1.0.2.el5_8
  • C
Out-of-bounds Read

<0:10.0.8-1.0.2.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.0.2.el5_8
  • C
Origin Validation Error

<0:10.0.8-2.0.1.el5_8
  • C
Improper Privilege Management

<0:10.0.8-1.0.2.el5_8
  • C
CVE-2012-3982

<0:10.0.8-1.0.2.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.0.2.el5_8
  • C
Out-of-Bounds

<0:10.0.8-1.0.2.el5_8
  • C
Use After Free

<0:10.0.8-1.0.2.el5_8
  • C
Out-of-Bounds

<0:10.0.8-1.0.2.el5_8
  • C
Out-of-Bounds

<0:10.0.8-1.0.2.el5_8
  • C
Improper Input Validation

<0:10.0.8-1.0.2.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.0.2.el5_8
  • C
Out-of-Bounds

<0:10.0.8-1.0.2.el5_8
  • C
Out-of-Bounds

<0:10.0.8-1.0.2.el5_8
  • C
Use After Free

<0:10.0.8-1.0.2.el5_8
  • C
Use After Free

<0:10.0.8-1.0.2.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.0.2.el5_8
  • C
Access Restriction Bypass

<0:10.0.8-1.0.2.el5_8