CVE-2025-3875 (GCVE-0-2025-3875)
Vulnerability from cvelistv5 – Published: 2025-05-14 16:56 – Updated: 2026-04-13 14:27
- CWE-290 - Authentication Bypass by Spoofing
| Vendor | Product | Version |
|---|---|---|
| Mozilla | Thunderbird | Unaffected: 128.10.1, ≤ 128.* (rpm); Unaffected: 138.0.1, ≤ * (rpm) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-3875",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-15T14:52:16.337372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T14:52:49.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:58:36.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "128.*",
"status": "unaffected",
"version": "128.10.1",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "138.0.1",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "xh4vm"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \"Spoofed Name \u003cspoofed@example.com\u003e \u003clegitimate@example.com\u003e\", Thunderbird treats spoofed@example.com as the actual address. This vulnerability was fixed in Thunderbird 128.10.1 and Thunderbird 138.0.1."
}
],
"value": "Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \"Spoofed Name \u003cspoofed@example.com\u003e \u003clegitimate@example.com\u003e\", Thunderbird treats spoofed@example.com as the actual address. This vulnerability was fixed in Thunderbird 128.10.1 and Thunderbird 138.0.1."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T14:27:50.877Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950629"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-34/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-35/"
}
],
"title": "Sender Spoofing via Malformed From Header in Thunderbird"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2025-3875",
"datePublished": "2025-05-14T16:56:42.950Z",
"dateReserved": "2025-04-22T16:38:29.461Z",
"dateUpdated": "2026-04-13T14:27:50.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-3875",
"date": "2026-05-22",
"epss": "0.00375",
"percentile": "0.59314"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-3875\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2025-05-14T17:15:48.470\",\"lastModified\":\"2026-04-13T15:16:58.377\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \\\"Spoofed Name \\\", Thunderbird treats spoofed@example.com as the actual address. This vulnerability was fixed in Thunderbird 128.10.1 and Thunderbird 138.0.1.\"},{\"lang\":\"es\",\"value\":\"Thunderbird analiza las direcciones de forma que puede permite la suplantaci\u00f3n del remitente si el servidor permite el uso de una direcci\u00f3n de remitente no v\u00e1lida. Por ejemplo, si el encabezado \\\"De\\\" contiene el valor (inv\u00e1lido) \\\"Nombre falsificado\\\", Thunderbird trata spoofed@example.com como la direcci\u00f3n real. Esta vulnerabilidad afecta a Thunderbird \u0026lt; 128.10.1 y Thunderbird \u0026lt; 
138.0.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"128.10.0\",\"matchCriteriaId\":\"47A000D1-78D1-43A0-BBA8-5018439291D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"129.0\",\"versionEndExcluding\":\"138.0.1\",\"matchCriteriaId\":\"4AFE1A41-57DD-4532-9F3F-D3E9705868BA\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1950629\",\"source\":\"security@mozilla.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2025-34/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2025-35/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/05/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/05/msg00022.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T19:58:36.011Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-3875\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-15T14:52:16.337372Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-290\", \"description\": \"CWE-290 Authentication Bypass by Spoofing\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-15T14:52:43.556Z\"}}], \"cna\": {\"title\": \"Sender Spoofing via Malformed From Header in Thunderbird\", \"credits\": [{\"lang\": \"en\", \"value\": \"xh4vm\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Thunderbird\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"128.10.1\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"128.*\"}, {\"status\": \"unaffected\", \"version\": \"138.0.1\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"*\"}]}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1950629\"}, {\"url\": 
\"https://www.mozilla.org/security/advisories/mfsa2025-34/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2025-35/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \\\"Spoofed Name \\\", Thunderbird treats spoofed@example.com as the actual address. This vulnerability was fixed in Thunderbird 128.10.1 and Thunderbird 138.0.1.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \\\"Spoofed Name \u003cspoofed@example.com\u003e \u003clegitimate@example.com\u003e\\\", Thunderbird treats spoofed@example.com as the actual address. This vulnerability was fixed in Thunderbird 128.10.1 and Thunderbird 138.0.1.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2026-04-13T14:27:50.877Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-3875\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T14:27:50.877Z\", \"dateReserved\": \"2025-04-22T16:38:29.461Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2025-05-14T16:56:42.950Z\", \"assignerShortName\": \"mozilla\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2025-AVI-0411
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 138.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 128.10.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-3877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3877"
},
{
"name": "CVE-2025-3909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3909"
},
{
"name": "CVE-2025-3932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3932"
},
{
"name": "CVE-2025-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3875"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0411",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-35",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-35/"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-34",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/"
}
]
}
CERTFR-2025-AVI-0411
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 138.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 128.10.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-3877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3877"
},
{
"name": "CVE-2025-3909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3909"
},
{
"name": "CVE-2025-3932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3932"
},
{
"name": "CVE-2025-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3875"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0411",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-35",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-35/"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-34",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/"
}
]
}
alsa-2025:8196
Vulnerability from osv_almalinux
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
- thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909)
- thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875)
- thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877)
- thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "thunderbird"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "128.10.1-1.el10_0.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Mozilla Thunderbird is a standalone mail and newsgroup client. \n\nSecurity Fix(es): \n\n * thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909)\n * thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875)\n * thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877)\n * thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2025:8196",
"modified": "2025-06-16T12:34:27Z",
"published": "2025-05-27T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2025:8196"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-3875"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-3877"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-3909"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-3932"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366283"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366287"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366291"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366297"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/10/ALSA-2025-8196.html"
}
],
"related": [
"CVE-2025-3909",
"CVE-2025-3875",
"CVE-2025-3877",
"CVE-2025-3932"
],
"summary": "Important: thunderbird security update"
}
alsa-2025:8756
Vulnerability from osv_almalinux
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
- thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909)
- thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875)
- thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877)
- thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932)
- firefox: thunderbird: Out-of-bounds access when resolving Promise objects (CVE-2025-4918)
- firefox: thunderbird: Out-of-bounds access when optimizing linear sums (CVE-2025-4919)
- firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267)
- firefox: thunderbird: Potential local code execution in "Copy as cURL" command (CVE-2025-5264)
- firefox: thunderbird: Memory safety bugs (CVE-2025-5268)
- firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266)
- firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263)
- firefox: thunderbird: Memory safety bug (CVE-2025-5269)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "thunderbird"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "128.11.0-1.el8_10.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Mozilla Thunderbird is a standalone mail and newsgroup client. \n\nSecurity Fix(es): \n\n * thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909)\n * thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875)\n * thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877)\n * thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932)\n * firefox: thunderbird: Out-of-bounds access when resolving Promise objects (CVE-2025-4918)\n * firefox: thunderbird: Out-of-bounds access when optimizing linear sums (CVE-2025-4919)\n * firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267)\n * firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264)\n * firefox: thunderbird: Memory safety bugs (CVE-2025-5268)\n * firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266)\n * firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263)\n * firefox: thunderbird: Memory safety bug (CVE-2025-5269)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2025:8756",
"modified": "2025-06-10T14:57:05Z",
"published": "2025-06-10T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2025:8756"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-3875"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-3877"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-3909"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-3932"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-4918"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-4919"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-5263"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-5264"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-5266"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-5267"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-5268"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-5269"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366283"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366287"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366291"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366297"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2367016"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2367018"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2368750"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2368751"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2368752"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2368755"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2368756"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2368757"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2025-8756.html"
}
],
"related": [
"CVE-2025-3909",
"CVE-2025-3875",
"CVE-2025-3877",
"CVE-2025-3932",
"CVE-2025-4918",
"CVE-2025-4919",
"CVE-2025-5267",
"CVE-2025-5264",
"CVE-2025-5268",
"CVE-2025-5266",
"CVE-2025-5263",
"CVE-2025-5269"
],
"summary": "Important: thunderbird security update"
}
BDU:2025-04709
Vulnerability from fstec - Published: 26.02.2025
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Mozilla Corp., \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Common Edition), - (\u0410\u041b\u042c\u0422 \u0421\u041f 10), 1.8 (Astra Linux Special Edition), \u0434\u043e 128.10.1 (Thunderbird), \u0434\u043e 138.0.1 (Thunderbird), \u0434\u043e 2.13 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n \n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0430\u043c, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u043c \u0438\u0437 
\u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u044b \u0434\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u0441\u0441\u044b\u043b\u043e\u043a, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0445 \u0438\u0437 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0441\u0441\u044b\u043b\u043e\u043a, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0445 \u0438\u0437 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f (\u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438) \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f 
\u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://hg-edge.mozilla.org/comm-central/rev/d41e7a0733b2\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 128.10.1 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 138.0.1 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f thunderbird \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:128.10.1esr+repack-1~deb11u1.osnova2u1\n\n\u0414\u043b\u044f \u0420\u0415\u0414 \u041e\u0421:\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-thunderbird-030720252/?sphrase_id=1087628\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 thunderbird \u0434\u043e 1:128.11.0+build1-0ubuntu0.20.04.1astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 
\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 thunderbird \u0434\u043e 1:128.12.0+build1-0ubuntu0.20.04.1astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0923SE17\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u041b\u042c\u0422 \u0421\u041f 10: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430: https://altsp.su/obnovleniya-bezopasnosti/\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 thunderbird \u0434\u043e 1:128.12.0+build1-0ubuntu0.20.04.1astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1020SE47\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 thunderbird 
\u0434\u043e 1:140.6.0+build2-0ubuntu0.22.04.1astra1+ci1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "26.02.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.01.2026",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "07.07.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-04709",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-3875",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), \u0410\u041b\u042c\u0422 \u0421\u041f 10, Thunderbird, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u041b\u042c\u0422 \u0421\u041f 10 - , \u041e\u041e\u041e 
\u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.13 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Thunderbird, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 p2-from, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0441\u043f\u0443\u0444\u0438\u043d\u0433 \u0430\u0442\u0430\u043a\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "UI \u041b\u043e\u0436\u043d\u043e\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u043c. (CWE-451)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Thunderbird \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 p2-from. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0441\u043f\u0443\u0444\u0438\u043d\u0433 \u0430\u0442\u0430\u043a\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c: xh4vm ( \u0410\u041e \u00ab\u0421\u0430\u0439\u0431\u0435\u0440 \u041e\u041a\u00bb)",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041f\u043e\u0434\u043c\u0435\u043d\u0430 \u043f\u0440\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://hg-edge.mozilla.org/comm-central/rev/d41e7a0733b2\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2025-34/\nhttps://github.com/advisories/GHSA-rg69-33g2-mp48\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.13/\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-thunderbird-030720252/?sphrase_id=1087628\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0923SE17\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1020SE47\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-451",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
FKIE_CVE-2025-3875
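Vulnerability from fkie_nvd - Published: 2025-05-14 17:15 - Updated: 2026-04-13 15:16
Note: the first cpeMatch entry in this record uses versionEndExcluding 128.10.0, while the description names 128.10.1 as the fixed release on that branch; matching on the CPE range alone would leave 128.10.0 unflagged.
| URL | Tags | ||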
|---|---|---|---|
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=1950629 | Permissions Required | |
| security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2025-34/ | Vendor Advisory | |
| security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2025-35/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2025/05/msg00022.html |
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | thunderbird | * | |
| mozilla | thunderbird | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A000D1-78D1-43A0-BBA8-5018439291D3",
"versionEndExcluding": "128.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE1A41-57DD-4532-9F3F-D3E9705868BA",
"versionEndExcluding": "138.0.1",
"versionStartIncluding": "129.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \"Spoofed Name \", Thunderbird treats spoofed@example.com as the actual address. This vulnerability was fixed in Thunderbird 128.10.1 and Thunderbird 138.0.1."
},
{
"lang": "es",
"value": "Thunderbird analiza las direcciones de forma que puede permitir la suplantaci\u00f3n del remitente si el servidor permite el uso de una direcci\u00f3n de remitente no v\u00e1lida. Por ejemplo, si el encabezado \"De\" contiene el valor (inv\u00e1lido) \"Nombre falsificado\", Thunderbird trata spoofed@example.com como la direcci\u00f3n real. Esta vulnerabilidad afecta a Thunderbird \u003c 128.10.1 y Thunderbird \u003c 138.0.1."
}
],
"id": "CVE-2025-3875",
"lastModified": "2026-04-13T15:16:58.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-05-14T17:15:48.470",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950629"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2025-34/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2025-35/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00022.html"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-290"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-RG69-33G2-MP48
Vulnerability from github – Published: 2025-05-14 18:30 – Updated: 2025-11-03 21:33
Thunderbird parses addresses in a way that can allow sender spoofing if the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats spoofed@example.com as the actual address. (The quoted example value is incomplete as shown here: it contains no address, so the part carrying spoofed@example.com was presumably lost when the text was rendered.) This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.
{
"affected": [],
"aliases": [
"CVE-2025-3875"
],
"database_specific": {
"cwe_ids": [
"CWE-290"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-14T17:15:48Z",
"severity": "HIGH"
},
"details": "Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \"Spoofed Name \", Thunderbird treats spoofed@example.com as the actual address. This vulnerability affects Thunderbird \u003c 128.10.1 and Thunderbird \u003c 138.0.1.",
"id": "GHSA-rg69-33g2-mp48",
"modified": "2025-11-03T21:33:54Z",
"published": "2025-05-14T18:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3875"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950629"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00022.html"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-34"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-35"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
OPENSUSE-SU-2025:15131-1
Vulnerability from csaf_opensuse - Published: 2025-05-20 00:00 - Updated: 2025-05-20 00:00
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64 | — |
Vendor Fix
|
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://www.suse.com/security/cve/CVE-2025-3875/ | self |
| https://www.suse.com/security/cve/CVE-2025-3877/ | self |
| https://www.suse.com/security/cve/CVE-2025-3909/ | self |
| https://www.suse.com/security/cve/CVE-2025-3932/ | self |
| https://www.suse.com/security/cve/CVE-2025-3875 | external |
| https://bugzilla.suse.com/1243216 | external |
| https://www.suse.com/security/cve/CVE-2025-3877 | external |
| https://bugzilla.suse.com/1243216 | external |
| https://www.suse.com/security/cve/CVE-2025-3909 | external |
| https://bugzilla.suse.com/1243216 | external |
| https://www.suse.com/security/cve/CVE-2025-3932 | external |
| https://bugzilla.suse.com/1243216 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaThunderbird-128.10.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaThunderbird-128.10.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15131",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15131-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:15131-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DSFDWDAINA2OZWCXINCXQQLCGCNKIVEK/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:15131-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DSFDWDAINA2OZWCXINCXQQLCGCNKIVEK/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3932/"
}
],
"title": "MozillaThunderbird-128.10.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-05-20T00:00:00Z",
"generator": {
"date": "2025-05-20T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15131-1",
"initial_release_date": "2025-05-20T00:00:00Z",
"revision_history": [
{
"date": "2025-05-20T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-128.10.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-128.10.1-1.1.aarch64",
"product_id": "MozillaThunderbird-128.10.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"product_id": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-common-128.10.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-other-128.10.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-128.10.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-128.10.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-128.10.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-128.10.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-128.10.1-1.1.s390x",
"product_id": "MozillaThunderbird-128.10.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"product_id": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"product_id": "MozillaThunderbird-translations-common-128.10.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"product_id": "MozillaThunderbird-translations-other-128.10.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-128.10.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-128.10.1-1.1.x86_64",
"product_id": "MozillaThunderbird-128.10.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"product_id": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-128.10.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-128.10.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-128.10.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-128.10.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-128.10.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-128.10.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-128.10.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-128.10.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-128.10.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-128.10.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-128.10.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-128.10.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-3875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3875"
}
],
"notes": [
{
"category": "general",
"text": "Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \"Spoofed Name spoofed@example.com legitimate@example.com\", Thunderbird treats spoofed@example.com as the actual address. This vulnerability affects Thunderbird \u003c 128.10.1 and Thunderbird \u003c 138.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3875",
"url": "https://www.suse.com/security/cve/CVE-2025-3875"
},
{
"category": "external",
"summary": "SUSE Bug 1243216 for CVE-2025-3875",
"url": "https://bugzilla.suse.com/1243216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-3875"
},
{
"cve": "CVE-2025-3877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3877"
}
],
"notes": [
{
"category": "general",
"text": "A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user\u0027s desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. This vulnerability affects Thunderbird \u003c 128.10.1 and Thunderbird \u003c 138.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3877",
"url": "https://www.suse.com/security/cve/CVE-2025-3877"
},
{
"category": "external",
"summary": "SUSE Bug 1243216 for CVE-2025-3877",
"url": "https://bugzilla.suse.com/1243216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-3877"
},
{
"cve": "CVE-2025-3909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3909"
}
],
"notes": [
{
"category": "general",
"text": "Thunderbird\u0027s handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML. This vulnerability affects Thunderbird \u003c 128.10.1 and Thunderbird \u003c 138.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3909",
"url": "https://www.suse.com/security/cve/CVE-2025-3909"
},
{
"category": "external",
"summary": "SUSE Bug 1243216 for CVE-2025-3909",
"url": "https://bugzilla.suse.com/1243216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-3909"
},
{
"cve": "CVE-2025-3932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3932"
}
],
"notes": [
{
"category": "general",
"text": "It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird \u003c 128.10.1 and Thunderbird \u003c 138.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3932",
"url": "https://www.suse.com/security/cve/CVE-2025-3932"
},
{
"category": "external",
"summary": "SUSE Bug 1243216 for CVE-2025-3932",
"url": "https://bugzilla.suse.com/1243216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-128.10.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-128.10.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-3932"
}
]
}
RHSA-2025:8196
Vulnerability from csaf_redhat - Published: 2025-05-27 10:04 - Updated: 2026-03-18 03:00
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name spoofed@example.com legitimate@example.com", Thunderbird treats spoofed@example.com as the actual address.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
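No description is available for this CVE. (Going by the order of the reference list below, this section appears to be CVE-2025-3877, which the advisory's details note titles "Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links".)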
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2025:8196 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366283 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366287 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366291 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366297 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2025-3875 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366287 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-3875 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-3875 | external |
| https://www.mozilla.org/en-US/security/advisories… | external |
| https://access.redhat.com/security/cve/CVE-2025-3877 | self |
| https://www.cve.org/CVERecord?id=CVE-2025-3877 | external |
| https://access.redhat.com/security/cve/CVE-2025-3909 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366283 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-3909 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-3909 | external |
| https://www.mozilla.org/en-US/security/advisories… | external |
| https://access.redhat.com/security/cve/CVE-2025-3932 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366297 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-3932 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-3932 | external |
| https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3932 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for thunderbird is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909)\n\n* thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875)\n\n* thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877)\n\n* thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8196",
"url": "https://access.redhat.com/errata/RHSA-2025:8196"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2366283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366283"
},
{
"category": "external",
"summary": "2366287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366287"
},
{
"category": "external",
"summary": "2366291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366291"
},
{
"category": "external",
"summary": "2366297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366297"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8196.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2026-03-18T03:00:31+00:00",
"generator": {
"date": "2026-03-18T03:00:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:8196",
"initial_release_date": "2025-05-27T10:04:04+00:00",
"revision_history": [
{
"date": "2025-05-27T10:04:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-27T10:04:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T03:00:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el10_0.src",
"product": {
"name": "thunderbird-0:128.10.1-1.el10_0.src",
"product_id": "thunderbird-0:128.10.1-1.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el10_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el10_0.aarch64",
"product": {
"name": "thunderbird-0:128.10.1-1.el10_0.aarch64",
"product_id": "thunderbird-0:128.10.1-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"product": {
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"product_id": "thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@128.10.1-1.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"product": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"product_id": "thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@128.10.1-1.el10_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el10_0.ppc64le",
"product": {
"name": "thunderbird-0:128.10.1-1.el10_0.ppc64le",
"product_id": "thunderbird-0:128.10.1-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"product": {
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"product_id": "thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@128.10.1-1.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"product": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"product_id": "thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@128.10.1-1.el10_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el10_0.x86_64",
"product": {
"name": "thunderbird-0:128.10.1-1.el10_0.x86_64",
"product_id": "thunderbird-0:128.10.1-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64",
"product": {
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64",
"product_id": "thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@128.10.1-1.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"product_id": "thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@128.10.1-1.el10_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el10_0.s390x",
"product": {
"name": "thunderbird-0:128.10.1-1.el10_0.s390x",
"product_id": "thunderbird-0:128.10.1-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"product": {
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"product_id": "thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@128.10.1-1.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"product": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"product_id": "thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@128.10.1-1.el10_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64"
},
"product_reference": "thunderbird-0:128.10.1-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le"
},
"product_reference": "thunderbird-0:128.10.1-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x"
},
"product_reference": "thunderbird-0:128.10.1-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el10_0.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src"
},
"product_reference": "thunderbird-0:128.10.1-1.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64"
},
"product_reference": "thunderbird-0:128.10.1-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64"
},
"product_reference": "thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le"
},
"product_reference": "thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x"
},
"product_reference": "thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64"
},
"product_reference": "thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le"
},
"product_reference": "thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x"
},
"product_reference": "thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
},
"product_reference": "thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-3875",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"discovery_date": "2025-05-14T18:00:56.630759+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366287"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory describes the following issue: Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \"Spoofed Name spoofed@example.com legitimate@example.com\", Thunderbird treats spoofed@example.com as the actual address.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "thunderbird: Sender Spoofing via Malformed From Header in Thunderbird",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3875"
},
{
"category": "external",
"summary": "RHBZ#2366287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366287"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-3875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3875"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3875",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3875"
}
],
"release_date": "2025-05-14T16:56:42.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T10:04:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8196"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "thunderbird: Sender Spoofing via Malformed From Header in Thunderbird"
},
{
"cve": "CVE-2025-3877",
"discovery_date": "2025-05-14T18:01:07.823851+00:00",
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3877"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3877"
}
],
"release_date": "2025-05-14T16:56:43.402000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T10:04:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8196"
}
],
"title": "thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links"
},
{
"cve": "CVE-2025-3909",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"discovery_date": "2025-05-14T18:00:45.326936+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366283"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory describes the following issue: Thunderbird\u0027s handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3909"
},
{
"category": "external",
"summary": "RHBZ#2366283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3909"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-3909",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3909"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3909",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3909"
}
],
"release_date": "2025-05-14T16:56:43.630000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T10:04:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8196"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link"
},
{
"cve": "CVE-2025-3932",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"discovery_date": "2025-05-14T18:01:24.278469+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366297"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3932"
},
{
"category": "external",
"summary": "RHBZ#2366297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3932"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-3932",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3932"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3932",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3932"
}
],
"release_date": "2025-05-14T16:56:43.939000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T10:04:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8196"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.src",
"AppStream-10.0.Z:thunderbird-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debuginfo-0:128.10.1-1.el10_0.x86_64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.aarch64",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.ppc64le",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.s390x",
"AppStream-10.0.Z:thunderbird-debugsource-0:128.10.1-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking"
}
]
}
RHSA-2025:8203
Vulnerability from csaf_redhat - Published: 2025-05-27 12:28 - Updated: 2026-03-18 03:00
CVE-2025-3875: The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name spoofed@example.com legitimate@example.com", Thunderbird treats spoofed@example.com as the actual address.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
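CVE-2025-3877: No description is available for this CVE. The CSAF record for this advisory states that this CVE has been marked as Rejected by the assigning CNA.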
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
CVE-2025-3909: The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
CVE-2025-3932: The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64 | — |
Vendor Fix
fix
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2025:8203 | self |
| https://access.redhat.com/security/updates/classification/#important | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366283 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366287 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366291 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366297 | external |
| https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8203.json | self |
| https://access.redhat.com/security/cve/CVE-2025-3875 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366287 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-3875 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-3875 | external |
| https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3875 | external |
| https://access.redhat.com/security/cve/CVE-2025-3877 | self |
| https://www.cve.org/CVERecord?id=CVE-2025-3877 | external |
| https://access.redhat.com/security/cve/CVE-2025-3909 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366283 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-3909 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-3909 | external |
| https://www.mozilla.org/en-US/security/advisories… | external |
| https://access.redhat.com/security/cve/CVE-2025-3932 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2366297 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-3932 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-3932 | external |
| https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3932 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for thunderbird is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link (CVE-2025-3909)\n\n* thunderbird: Sender Spoofing via Malformed From Header in Thunderbird (CVE-2025-3875)\n\n* thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links (CVE-2025-3877)\n\n* thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking (CVE-2025-3932)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8203",
"url": "https://access.redhat.com/errata/RHSA-2025:8203"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2366283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366283"
},
{
"category": "external",
"summary": "2366287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366287"
},
{
"category": "external",
"summary": "2366291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366291"
},
{
"category": "external",
"summary": "2366297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366297"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8203.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2026-03-18T03:00:39+00:00",
"generator": {
"date": "2026-03-18T03:00:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:8203",
"initial_release_date": "2025-05-27T12:28:25+00:00",
"revision_history": [
{
"date": "2025-05-27T12:28:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-27T12:28:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T03:00:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el9_6.src",
"product": {
"name": "thunderbird-0:128.10.1-1.el9_6.src",
"product_id": "thunderbird-0:128.10.1-1.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el9_6.aarch64",
"product": {
"name": "thunderbird-0:128.10.1-1.el9_6.aarch64",
"product_id": "thunderbird-0:128.10.1-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"product": {
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"product_id": "thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@128.10.1-1.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"product": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"product_id": "thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@128.10.1-1.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el9_6.ppc64le",
"product": {
"name": "thunderbird-0:128.10.1-1.el9_6.ppc64le",
"product_id": "thunderbird-0:128.10.1-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"product": {
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"product_id": "thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@128.10.1-1.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"product": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"product_id": "thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@128.10.1-1.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el9_6.x86_64",
"product": {
"name": "thunderbird-0:128.10.1-1.el9_6.x86_64",
"product_id": "thunderbird-0:128.10.1-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64",
"product": {
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64",
"product_id": "thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@128.10.1-1.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"product_id": "thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@128.10.1-1.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:128.10.1-1.el9_6.s390x",
"product": {
"name": "thunderbird-0:128.10.1-1.el9_6.s390x",
"product_id": "thunderbird-0:128.10.1-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@128.10.1-1.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"product": {
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"product_id": "thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@128.10.1-1.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"product": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"product_id": "thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@128.10.1-1.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64"
},
"product_reference": "thunderbird-0:128.10.1-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le"
},
"product_reference": "thunderbird-0:128.10.1-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x"
},
"product_reference": "thunderbird-0:128.10.1-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el9_6.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src"
},
"product_reference": "thunderbird-0:128.10.1-1.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:128.10.1-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64"
},
"product_reference": "thunderbird-0:128.10.1-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64"
},
"product_reference": "thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le"
},
"product_reference": "thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x"
},
"product_reference": "thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64"
},
"product_reference": "thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le"
},
"product_reference": "thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x"
},
"product_reference": "thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
},
"product_reference": "thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-3875",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"discovery_date": "2025-05-14T18:00:56.630759+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366287"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory describes the following issue: Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value \"Spoofed Name spoofed@example.com legitimate@example.com\", Thunderbird treats spoofed@example.com as the actual address.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "thunderbird: Sender Spoofing via Malformed From Header in Thunderbird",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3875"
},
{
"category": "external",
"summary": "RHBZ#2366287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366287"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-3875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3875"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3875",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3875"
}
],
"release_date": "2025-05-14T16:56:42.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T12:28:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8203"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "thunderbird: Sender Spoofing via Malformed From Header in Thunderbird"
},
{
"cve": "CVE-2025-3877",
"discovery_date": "2025-05-14T18:01:07.823851+00:00",
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3877"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3877"
}
],
"release_date": "2025-05-14T16:56:43.402000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T12:28:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8203"
}
],
"title": "thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links"
},
{
"cve": "CVE-2025-3909",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"discovery_date": "2025-05-14T18:00:45.326936+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366283"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory describes the following issue: Thunderbird\u0027s handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3909"
},
{
"category": "external",
"summary": "RHBZ#2366283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3909"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-3909",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3909"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3909",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3909"
}
],
"release_date": "2025-05-14T16:56:43.630000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T12:28:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8203"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link"
},
{
"cve": "CVE-2025-3932",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"discovery_date": "2025-05-14T18:01:24.278469+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366297"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation\u0027s Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-3932"
},
{
"category": "external",
"summary": "RHBZ#2366297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-3932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3932"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-3932",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3932"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3932",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3932"
}
],
"release_date": "2025-05-14T16:56:43.939000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-27T12:28:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8203"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debuginfo-0:128.10.1-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:thunderbird-debugsource-0:128.10.1-1.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.