thunderbird vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the thunderbird package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M CVE-2024-11694	<1:115.18.0+build1-0ubuntu0.20.04.1
M CVE-2024-10458	<1:115.18.0+build1-0ubuntu0.20.04.1
M Use After Free	<1:115.18.0+build1-0ubuntu0.20.04.1
M Information Exposure	<1:115.18.0+build1-0ubuntu0.20.04.1
M CVE-2024-9392	<1:115.18.0+build1-0ubuntu0.20.04.1
M CVE-2024-9393	<1:115.18.0+build1-0ubuntu0.20.04.1
M CVE-2024-9394	<1:115.18.0+build1-0ubuntu0.20.04.1
M CVE-2024-9401	<1:115.18.0+build1-0ubuntu0.20.04.1
M CVE-2024-7652	<1:115.13.0+build5-0ubuntu0.20.04.1
M CVE-2024-8382	<1:115.15.0+build1-0ubuntu0.20.04.1
M Incorrect Default Permissions	<1:115.15.0+build1-0ubuntu0.20.04.1
M CVE-2024-7529	<1:115.15.0+build1-0ubuntu0.20.04.1
M Use After Free	<1:115.15.0+build1-0ubuntu0.20.04.1
M Use of Uninitialized Resource	<1:115.15.0+build1-0ubuntu0.20.04.1
M Improper Handling of Exceptional Conditions	<1:115.15.0+build1-0ubuntu0.20.04.1
M Out-of-bounds Read	<1:115.15.0+build1-0ubuntu0.20.04.1
M Information Exposure	<1:115.9.0+build1-0ubuntu0.20.04.1
M CVE-2024-0750	<1:115.8.1+build1-0ubuntu0.20.04.1
L Improper Privilege Management	<1:115.8.1+build1-0ubuntu0.20.04.1
L CVE-2024-0746	<1:115.8.1+build1-0ubuntu0.20.04.1
H Out-of-bounds Write	<1:115.3.1+build1-0ubuntu0.20.04.1
M Out-of-bounds Write	<1:102.15.1+build1-0ubuntu0.20.04.1
M Double Free	*
M CVE-2023-0767	<1:102.8.0+build2-0ubuntu0.20.04.1
L NULL Pointer Dereference	*
M Out-of-bounds Write	*
M Out-of-bounds Read	*
M Improper Cross-boundary Removal of Sensitive Data	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
L Improper Authentication	<1:102.4.2+build2-0ubuntu0.20.04.1
L CVE-2022-39236	<1:102.4.2+build2-0ubuntu0.20.04.1
L Improper Authentication	<1:102.4.2+build2-0ubuntu0.20.04.1
L Improper Authentication	<1:102.4.2+build2-0ubuntu0.20.04.1
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<1:102.2.2+build1-0ubuntu0.20.04.1
L Use After Free	*
L Incorrect Calculation	*
L Access of Uninitialized Pointer	<1:102.2.2+build1-0ubuntu0.20.04.1
L Use After Free	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
L Improper Encoding or Escaping of Output	*
L Exposure of Resource to Wrong Sphere	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
L Improper Certificate Validation	<1:91.5.0+build1-0ubuntu0.20.04.1
M Integer Overflow or Wraparound	<1:91.11.0+build2-0ubuntu0.20.04.1
M Integer Overflow or Wraparound	<1:91.11.0+build2-0ubuntu0.20.04.1
M Integer Overflow or Wraparound	<1:91.11.0+build2-0ubuntu0.20.04.1
M Integer Overflow or Wraparound	<1:91.11.0+build2-0ubuntu0.20.04.1
M Integer Overflow or Wraparound	<1:91.11.0+build2-0ubuntu0.20.04.1
M Integer Overflow or Wraparound	<1:91.11.0+build2-0ubuntu0.20.04.1
M Out-of-Bounds	<1:91.5.0+build1-0ubuntu0.20.04.1
H Out-of-bounds Write	<1:78.14.0+build1-0ubuntu0.20.04.2
M Information Exposure	<1:68.10.0+build1-0ubuntu0.20.04.1
M Out-of-bounds Read	<1:68.6.0+build2-0ubuntu1
M Out-of-bounds Read	<1:68.2.0+build1.1-0ubuntu1
L Out-of-Bounds	<60.8.0+build1-0ubuntu1
L Out-of-bounds Read	<60.8.0+build1-0ubuntu1
M Use After Free	<1:60.7.0+build1-0ubuntu3
L Out-of-Bounds	<1:60.2.1+build1-0ubuntu1
L Out-of-Bounds	<1:52.7.0+build1-0ubuntu1
L Out-of-Bounds	<1:52.6.0+build1-0ubuntu1
L Out-of-Bounds	<1:52.6.0+build1-0ubuntu1
L Out-of-Bounds	<1:52.4.0+build1-0ubuntu2
L Out-of-Bounds	<1:60.2.1+build1-0ubuntu1
M CVE-2017-17689	<1:60.2.1+build1-0ubuntu1

Vulnerability

Vulnerable Version

CVE-2024-11694

<1:115.18.0+build1-0ubuntu0.20.04.1