VulnerableCode Package Details - pkg:deb/debian/thunderbird@1:140.5.0esr-1~deb11u1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4bw1-v6ze-kbds	Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13018
VCID-4kd3-95cm-g3fc	Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13019
VCID-962a-dwqf-3ycg	Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13016
VCID-dgwm-n1zx-qkbq	Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13012
VCID-e7jk-vs8y-fyhr	Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13020
VCID-kdwy-7p45-hbcs	Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13015
VCID-qgvy-hzsx-hkge	Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13014
VCID-ukut-zyjx-93gq	Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13013
VCID-wz6r-xzm9-m7hp	Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.	CVE-2025-13017

Vulnerability

Summary

Aliases

VCID-4bw1-v6ze-kbds

Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13018

VCID-4kd3-95cm-g3fc

Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13019

VCID-962a-dwqf-3ycg

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13016

VCID-dgwm-n1zx-qkbq

Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13012

VCID-e7jk-vs8y-fyhr

Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13020

VCID-kdwy-7p45-hbcs

Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13015

VCID-qgvy-hzsx-hkge

Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13014

VCID-ukut-zyjx-93gq

Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13013

VCID-wz6r-xzm9-m7hp

Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

CVE-2025-13017

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:45:54.401054+00:00	Debian Importer	Fixing	VCID-e7jk-vs8y-fyhr	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:08:29.722198+00:00	Debian Importer	Fixing	VCID-qgvy-hzsx-hkge	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:04:33.496157+00:00	Debian Importer	Fixing	VCID-962a-dwqf-3ycg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:31:09.969999+00:00	Debian Importer	Fixing	VCID-ukut-zyjx-93gq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:15:16.494472+00:00	Debian Importer	Fixing	VCID-4bw1-v6ze-kbds	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:33:30.754229+00:00	Debian Importer	Fixing	VCID-kdwy-7p45-hbcs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:17:39.929940+00:00	Debian Importer	Fixing	VCID-dgwm-n1zx-qkbq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:05:13.643546+00:00	Debian Importer	Fixing	VCID-wz6r-xzm9-m7hp	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:50:18.992564+00:00	Debian Importer	Fixing	VCID-4kd3-95cm-g3fc	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:05:57.202985+00:00	Debian Importer	Fixing	VCID-4bw1-v6ze-kbds	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:01:22.470332+00:00	Debian Importer	Fixing	VCID-e7jk-vs8y-fyhr	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:35:22.729439+00:00	Debian Importer	Fixing	VCID-kdwy-7p45-hbcs	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:34:14.923279+00:00	Debian Importer	Fixing	VCID-qgvy-hzsx-hkge	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:31:17.836633+00:00	Debian Importer	Fixing	VCID-962a-dwqf-3ycg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:06:04.384470+00:00	Debian Importer	Fixing	VCID-ukut-zyjx-93gq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:47:13.569980+00:00	Debian Importer	Fixing	VCID-dgwm-n1zx-qkbq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:43:34.309677+00:00	Debian Importer	Fixing	VCID-4kd3-95cm-g3fc	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:05:20.554007+00:00	Debian Importer	Fixing	VCID-wz6r-xzm9-m7hp	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:54:54.293819+00:00	Debian Importer	Fixing	VCID-e7jk-vs8y-fyhr	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:54:54.231168+00:00	Debian Importer	Fixing	VCID-4kd3-95cm-g3fc	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:54:54.168489+00:00	Debian Importer	Fixing	VCID-4bw1-v6ze-kbds	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:54:54.106240+00:00	Debian Importer	Fixing	VCID-wz6r-xzm9-m7hp	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:54:54.044466+00:00	Debian Importer	Fixing	VCID-962a-dwqf-3ycg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:54:53.983180+00:00	Debian Importer	Fixing	VCID-kdwy-7p45-hbcs	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:54:53.922039+00:00	Debian Importer	Fixing	VCID-qgvy-hzsx-hkge	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:54:53.860772+00:00	Debian Importer	Fixing	VCID-ukut-zyjx-93gq	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:54:53.796239+00:00	Debian Importer	Fixing	VCID-dgwm-n1zx-qkbq	https://security-tracker.debian.org/tracker/data/json	38.1.0