Homepage

thunderbird vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the thunderbird package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
Arbitrary Code Injection

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
Use After Free

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
Cross-site Request Forgery (CSRF)

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
Cross-site Scripting (XSS)

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
CVE-2019-11730

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
Improper Encoding or Escaping of Output

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
Out-of-bounds Read

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
CVE-2019-11711

<1:60.8.0+build1-0ubuntu0.18.10.1
  • L
Improper Input Validation

<1:60.7.2+build2-0ubuntu0.18.10.1
  • L
Access of Resource Using Incompatible Type ('Type Confusion')

<1:60.7.2+build1-0ubuntu0.18.10.1
  • M
Out-of-Bounds

<1:60.7.1+build1-0ubuntu0.18.10.1
  • M
Out-of-Bounds

<1:60.7.1+build1-0ubuntu0.18.10.1
  • L
Access of Resource Using Incompatible Type ('Type Confusion')

<1:60.7.1+build1-0ubuntu0.18.10.1
  • M
Out-of-bounds Write

<1:60.7.1+build1-0ubuntu0.18.10.1
  • L
Access of Resource Using Incompatible Type ('Type Confusion')

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Origin Validation Error

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Use After Free

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Use After Free

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Improper Input Validation

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Use After Free

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Improper Input Validation

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Access of Resource Using Incompatible Type ('Type Confusion')

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Reachable Assertion

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Use After Free

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Use After Free

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Improper Input Validation

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Origin Validation Error

<1:60.7.0+build1-0ubuntu0.18.10.1
  • M
Out-of-bounds Read

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Origin Validation Error

<1:60.2.1+build1-0ubuntu1
  • M
Improper Verification of Cryptographic Signature

<1:60.5.1+build2-0ubuntu0.18.10.1
  • L
Information Exposure

<1:60.7.0+build1-0ubuntu0.18.10.1
  • M
Out-of-bounds Write

<1:60.5.1+build2-0ubuntu0.18.10.1
  • M
Use After Free

<1:60.7.0+build1-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.5.1+build2-0ubuntu0.18.10.1
  • L
Improper Authentication

<1:60.5.1+build2-0ubuntu0.18.10.1
  • M
Use After Free

<1:60.5.1+build2-0ubuntu0.18.10.1
  • M
CVE-2018-18506

<1:60.6.1+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Use After Free

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Out-of-bounds Write

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Origin Validation Error

<1:60.4.0+build2-0ubuntu0.18.10.1
  • M
Out-of-bounds Write

<1:60.5.1+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Out-of-bounds Write

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
CVE-2018-12392

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Out-of-bounds Read

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Improper Input Validation

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Incorrect Type Conversion or Cast

<1:60.4.0+build2-0ubuntu0.18.10.1
  • L
Out-of-Bounds

<1:60.2.1+build1-0ubuntu1
  • L
Out-of-Bounds

<1:60.2.1+build1-0ubuntu1
  • M
Out-of-bounds Write

<1:60.2.1+build1-0ubuntu1
  • M
Use After Free

<1:52.4.0+build1-0ubuntu2
  • L
Improper Input Validation

<1:52.4.0+build1-0ubuntu2
  • L
Out-of-Bounds

<1:52.4.0+build1-0ubuntu2
  • L
Use After Free

<1:52.4.0+build1-0ubuntu2
  • L
Use After Free

<1:52.4.0+build1-0ubuntu2
  • L
Use After Free

<1:52.4.0+build1-0ubuntu2
  • L
Out-of-Bounds

<1:52.6.0+build1-0ubuntu1
  • M
Out-of-Bounds

<1:52.4.0+build1-0ubuntu2
  • L
Use After Free

<1:52.4.0+build1-0ubuntu2
  • L
Improper Privilege Management

<1:52.4.0+build1-0ubuntu2
  • L
Out-of-bounds Read

<1:52.4.0+build1-0ubuntu2
  • L
Use After Free

<1:52.4.0+build1-0ubuntu2
  • L
Out-of-Bounds

<1:52.4.0+build1-0ubuntu2
  • L
Out-of-Bounds

<1:52.7.0+build1-0ubuntu1
  • L
Out-of-Bounds

<1:52.6.0+build1-0ubuntu1
  • L
Improper Input Validation

<1:52.4.0+build1-0ubuntu2
  • L
Out-of-Bounds

<1:52.4.0+build1-0ubuntu2
  • L
Information Exposure

<1:52.4.0+build1-0ubuntu2
  • L
Out-of-Bounds

<1:52.2.1+build1-0ubuntu1
  • L
Out-of-Bounds

<1:52.7.0+build1-0ubuntu1
  • M
Out-of-Bounds

<1:52.4.0+build1-0ubuntu2
  • L
Out-of-Bounds

<1:60.2.1+build1-0ubuntu1
  • M
CVE-2017-17689

<1:60.2.1+build1-0ubuntu1
  • L
Use After Free

<1:60.5.1+build2-0ubuntu0.18.10.1
  • L
Improper Data Handling

<1:38.6.0+build1-0ubuntu1
  • L
Cryptographic Issues

<1:31.8.0+build1-0ubuntu1