Homepage

thunderbird vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the thunderbird package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
Out-of-bounds Write

<1:24.5.0+build1-0ubuntu0.12.10.1
  • L
CVE-2014-1518

<1:24.5.0+build1-0ubuntu0.12.10.1
  • M
Use After Free

<1:24.5.0+build1-0ubuntu0.12.10.1
  • L
Cross-site Scripting (XSS)

<1:24.5.0+build1-0ubuntu0.12.10.1
  • L
Buffer Overflow

<1:24.5.0+build1-0ubuntu0.12.10.1
  • L
Use After Free

<1:24.5.0+build1-0ubuntu0.12.10.1
  • L
Improper Privilege Management

<1:24.5.0+build1-0ubuntu0.12.10.1
  • L
Information Exposure

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Use After Free

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Improper Privilege Management

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Read

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Write

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Read

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Buffer Overflow

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Write

<1:24.4.0+build1-0ubuntu0.12.10.1
  • L
Improper Privilege Management

<1:24.4.0+build1-0ubuntu0.12.10.1
  • M
Cross-site Scripting (XSS)

<1:24.3.0+build2-0ubuntu0.12.10.1
  • M
Race Condition

<1:24.3.0+build2-0ubuntu0.12.10.1
  • L
CVE-2014-1477

<1:24.3.0+build2-0ubuntu0.12.10.1
  • M
Inadequate Encryption Strength

<1:24.3.0+build2-0ubuntu0.12.10.1
  • L
Use After Free

<1:24.3.0+build2-0ubuntu0.12.10.1
  • L
Origin Validation Error

<1:24.3.0+build2-0ubuntu0.12.10.1
  • L
CVE-2014-1481

<1:24.3.0+build2-0ubuntu0.12.10.1
  • L
Out-of-bounds Write

<1:24.3.0+build2-0ubuntu0.12.10.1
  • L
CVE-2014-1479

<1:24.3.0+build2-0ubuntu0.12.10.1
  • L
Cryptographic Issues

<1:24.2.0+build1-0ubuntu0.12.10.1
  • L
Use After Free

<1:24.2.0+build1-0ubuntu0.12.10.1
  • L
Arbitrary Code Injection

<1:24.2.0+build1-0ubuntu0.12.10.1
  • L
Use After Free

<1:24.2.0+build1-0ubuntu0.12.10.1
  • M
Use After Free

<1:24.2.0+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5615

<1:24.2.0+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5609

<1:24.2.0+build1-0ubuntu0.12.10.1
  • M
Numeric Errors

<1:24.1.1+build1-0ubuntu0.12.10.1
  • L
Information Exposure

<1:24.2.0+build1-0ubuntu0.12.10.1
  • L
Numeric Errors

<1:24.2.0+build1-0ubuntu0.12.10.1
  • M
Improper Input Validation

<1:24.1.1+build1-0ubuntu0.12.10.1
  • M
Numeric Errors

<1:24.1.1+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5601

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5603

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5591

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5597

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
Improper Input Validation

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5599

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5600

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
CVE-2013-5590

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.1.0+build1-0ubuntu0.12.10.1
  • M
CVE-2013-1739

<1:24.1.0+build1-0ubuntu0.12.10.1
  • L
Resource Management Errors

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Resource Management Errors

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Resource Management Errors

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Improper Input Validation

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<1:24.0+build1-0ubuntu0.12.10.1
  • L
Improper Input Validation

<17.0.8+build1-0ubuntu0.12.10.1
  • L
Cross-site Scripting (XSS)

<17.0.8+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.8+build1-0ubuntu0.12.10.1
  • L
CVE-2013-1701

<17.0.8+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.8+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.8+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<17.0.7+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.7+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.7+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.7+build1-0ubuntu0.12.10.1
  • L
CVE-2013-1682

<17.0.7+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.7+build1-0ubuntu0.12.10.1
  • L
Resource Management Errors

<17.0.7+build1-0ubuntu0.12.10.1
  • L
Resource Management Errors

<17.0.7+build1-0ubuntu0.12.10.1
  • L
Resource Management Errors

<17.0.7+build1-0ubuntu0.12.10.1
  • L
Improper Input Validation

<17.0.7+build1-0ubuntu0.12.10.1
  • L
CVE-2013-1669

<17.0.6+build1-0ubuntu0.12.10.1
  • L
Resource Management Errors

<17.0.6+build1-0ubuntu0.12.10.1
  • M
Out-of-Bounds

<17.0.6+build1-0ubuntu0.12.10.1
  • M
Resource Management Errors

<17.0.6+build1-0ubuntu0.12.10.1
  • M
Resource Management Errors

<17.0.6+build1-0ubuntu0.12.10.1
  • M
Out-of-Bounds

<17.0.6+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<17.0.6+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.6+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0801

<17.0.6+build1-0ubuntu0.12.10.1
  • M
Out-of-Bounds

<17.0.6+build1-0ubuntu0.12.10.1
  • M
Resource Management Errors

<17.0.6+build1-0ubuntu0.12.10.1
  • L
Access Restriction Bypass

<17.0.5+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0788

<17.0.5+build1-0ubuntu0.12.10.1
  • M
CVE-2013-0800

<17.0.5+build1-0ubuntu0.12.10.1
  • L
Cross-site Scripting (XSS)

<17.0.5+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<17.0.5+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0796

<17.0.5+build1-0ubuntu0.12.10.1
  • L
Inadequate Encryption Strength

<1:24.1.1+build1-0ubuntu0.12.10.1
  • M
Resource Management Errors

<17.0.4+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.3+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<17.0.3+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.3+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0783

<17.0.3+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0765

<17.0.3+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0774

<17.0.3+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Write

<17.0.3+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0784

<17.0.3+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.3+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.3+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0773

<17.0.3+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Read

<17.0.3+build1-0ubuntu0.12.10.1
  • L
Improper Certificate Validation

<17.0.3+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Read

<17.0.3+build1-0ubuntu0.12.10.1
  • M
CVE-2013-0743

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Information Exposure

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Integer Overflow or Wraparound

<17.0.2+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0749

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Arbitrary Code Injection

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Write

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Out-of-Bounds

<17.0.2+build1-0ubuntu0.12.10.1
  • M
Inadequate Encryption Strength

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Read

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Out-of-bounds Write

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Improper Input Validation

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Buffer Overflow

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0769

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0770

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Arbitrary Code Injection

<17.0.2+build1-0ubuntu0.12.10.1
  • L
CVE-2013-0746

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Improper Input Validation

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Use After Free

<17.0.2+build1-0ubuntu0.12.10.1
  • L
Improper Authentication

<17.0.2+build1-0ubuntu0.12.10.1
  • M
Out-of-Bounds

<17.0+build2-0ubuntu0.12.10.1
  • M
Cross-site Request Forgery (CSRF)

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
CVE-2012-5842

<17.0+build2-0ubuntu0.12.10.1
  • M
Arbitrary Code Injection

<17.0+build2-0ubuntu0.12.10.1
  • M
Out-of-Bounds

<17.0+build2-0ubuntu0.12.10.1
  • M
Out-of-bounds Write

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
CVE-2012-5843

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
Information Exposure

<17.0+build2-0ubuntu0.12.10.1
  • M
Cross-site Scripting (XSS)

<17.0+build2-0ubuntu0.12.10.1
  • M
Cross-site Scripting (XSS)

<17.0+build2-0ubuntu0.12.10.1
  • M
Cross-site Scripting (XSS)

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
Out-of-Bounds

<17.0+build2-0ubuntu0.12.10.1
  • M
Cross-site Scripting (XSS)

<17.0+build2-0ubuntu0.12.10.1
  • M
Out-of-bounds Write

<17.0+build2-0ubuntu0.12.10.1
  • M
Out-of-bounds Write

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
Integer Overflow or Wraparound

<17.0+build2-0ubuntu0.12.10.1
  • M
Use After Free

<17.0+build2-0ubuntu0.12.10.1
  • M
Arbitrary Code Injection

<16.0.2+build1-0ubuntu0.12.10.1
  • M
Cross-site Scripting (XSS)

<16.0.2+build1-0ubuntu0.12.10.1
  • M
Cross-site Scripting (XSS)

<16.0.2+build1-0ubuntu0.12.10.1
  • M
Origin Validation Error

<16.0.1+build1-0ubuntu1
  • L
Out-of-Bounds

<16.0.1+build1-0ubuntu1
  • L
Cross-site Scripting (XSS)

<16.0.1+build1-0ubuntu1
  • M
Out-of-Bounds

<16.0.1+build1-0ubuntu1
  • L
Out-of-bounds Read

<16.0.1+build1-0ubuntu1
  • L
Out-of-Bounds

<16.0.1+build1-0ubuntu1
  • L
Out-of-Bounds

<16.0.1+build1-0ubuntu1
  • L
Improper Privilege Management

<16.0.1+build1-0ubuntu1
  • L
Cross-site Scripting (XSS)

<16.0.1+build1-0ubuntu1
  • L
Cross-site Scripting (XSS)

<16.0.1+build1-0ubuntu1
  • L
Use After Free

<16.0.1+build1-0ubuntu1
  • L
CVE-2012-3984

<16.0.1+build1-0ubuntu1
  • L
Use After Free

<16.0.1+build1-0ubuntu1
  • M
CVE-2012-3982

<16.0.1+build1-0ubuntu1
  • L
CVE-2012-5354

<16.0.1+build1-0ubuntu1
  • L
Out-of-Bounds

<16.0.1+build1-0ubuntu1
  • M
Access Restriction Bypass

<16.0.1+build1-0ubuntu1
  • L
Out-of-Bounds

<16.0.1+build1-0ubuntu1
  • L
Use After Free

<16.0.1+build1-0ubuntu1
  • L
Use After Free

<16.0.1+build1-0ubuntu1
  • L
Use After Free

<16.0.1+build1-0ubuntu1
  • L
Cross-site Scripting (XSS)

<16.0.1+build1-0ubuntu1
  • L
Out-of-Bounds

<16.0.1+build1-0ubuntu1
  • L
Use After Free

<16.0.1+build1-0ubuntu1
  • L
Improper Input Validation

<16.0.1+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Access Restriction Bypass

<15.0+build1-0ubuntu1
  • M
Numeric Errors

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Cross-site Scripting (XSS)

<15.0+build1-0ubuntu1
  • M
Out-of-Bounds

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Resource Management Errors

<15.0+build1-0ubuntu1
  • M
CVE-2012-1971

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Information Exposure

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Information Exposure

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Out-of-bounds Write

<15.0+build1-0ubuntu1
  • M
CVE-2012-3962

<15.0+build1-0ubuntu1
  • M
Out-of-Bounds

<15.0+build1-0ubuntu1
  • M
Out-of-Bounds

<15.0+build1-0ubuntu1
  • M
Resource Management Errors

<15.0+build1-0ubuntu1
  • M
Resource Management Errors

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Out-of-bounds Write

<15.0+build1-0ubuntu1
  • M
Use After Free

<15.0+build1-0ubuntu1
  • M
Arbitrary Code Injection

<15.0+build1-0ubuntu1