Red Hat Security Advisory: thunderbird security update
🔗 CVE IDs covered (12)
📋 Description
CVE-2021-4140 — Mozilla: Iframe sandbox bypass with XSLT CVE-2022-22737 — Mozilla: Race condition when playing audio files CVE-2022-22738 — Mozilla: Heap-buffer-overflow in blendGaussianBlur CVE-2022-22739 — Mozilla: Missing throttling on external protocol launch dialog CVE-2022-22740 — Mozilla: Use-after-free of ChannelEventQueue::mOwner CVE-2022-22741 — Mozilla: Browser window spoof using fullscreen mode CVE-2022-22742 — Mozilla: Out-of-bounds memory access when inserting text in edit mode CVE-2022-22743 — Mozilla: Browser window spoof using fullscreen mode CVE-2022-22745 — Mozilla: Leaking cross-origin URLs through securitypolicyviolation event CVE-2022-22747 — Mozilla: Crash when handling empty pkcs7 sequence CVE-2022-22748 — Mozilla: Spoofed origin on external protocol launch dialog CVE-2022-22751 — Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
🔗 References (15)
- selfhttps://access.redhat.com/errata/RHSA-2022:0127
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039561
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039563
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039564
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039565
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039566
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039567
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039568
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039569
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039570
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039572
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039573
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039574
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0127.json