Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:mozilla/Thunderbird@143.0.0
purl pkg:mozilla/Thunderbird@143.0.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-rg63-avu7-2bdc Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. CVE-2025-10527

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:16:53.730494+00:00 Mozilla Importer Fixing VCID-rg63-avu7-2bdc https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2025/mfsa2025-77.yml 38.0.0