RHSA-2018:2251HighCVSS 9.8

Red Hat Security Advisory: thunderbird security update

Published
July 24, 2018
Last Modified
June 27, 2026

🔗 CVE IDs covered (11)

📋 Description

CVE-2018-5188 — Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 CVE-2018-12359 — Mozilla: Buffer overflow using computed size of canvas element CVE-2018-12360 — Mozilla: Use-after-free using focus() CVE-2018-12362 — Mozilla: Integer overflow in SSSE3 scaler CVE-2018-12363 — Mozilla: Use-after-free when appending DOM nodes CVE-2018-12364 — Mozilla: CSRF attacks through 307 redirects and NPAPI plugins CVE-2018-12365 — Mozilla: Compromised IPC child process can list local filenames CVE-2018-12366 — Mozilla: Invalid data handling during QCMS transformations CVE-2018-12372 — thunderbird: S/MIME and PGP decryption oracles can be built with HTML emails CVE-2018-12373 — thunderbird: S/MIME plaintext can be leaked through HTML reply/forward CVE-2018-12374 — thunderbird: Using form to exfiltrate encrypted mail part by pressing enter in form field

🔗 References (15)