| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-5185 | 4.3 |
Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
|
03-10-2019 - 00:03 | 11-06-2018 - 21:29 | |
| CVE-2018-5162 | 5.0 |
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
|
03-10-2019 - 00:03 | 11-06-2018 - 21:29 | |
| CVE-2018-5184 | 5.0 |
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
|
13-03-2019 - 14:23 | 11-06-2018 - 21:29 | |
| CVE-2018-5170 | 4.3 |
It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and
|
13-03-2019 - 13:43 | 11-06-2018 - 21:29 | |
| CVE-2018-5161 | 4.3 |
Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
|
13-03-2019 - 13:43 | 11-06-2018 - 21:29 |