VulnerableCode Package Details - pkg:rpm/redhat/thunderbird@60.2.1-5?arch=el6

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/thunderbird@60.2.1-5?arch=el6

Essentials
History (8)

purl	pkg:rpm/redhat/thunderbird@60.2.1-5?arch=el6

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.5

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-3v78-2fyv-tqht Aliases: CVE-2018-12385	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	There are no reported fixed by versions.
VCID-bccq-jn4j-8qd8 Aliases: CVE-2017-16541	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	There are no reported fixed by versions.
VCID-f4pn-vjxk-ybfx Aliases: CVE-2018-12379	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	There are no reported fixed by versions.
VCID-gr1m-pdaw-a3h1 Aliases: CVE-2018-12377	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	There are no reported fixed by versions.
VCID-kbqr-p81f-k3ch Aliases: CVE-2018-12383	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	There are no reported fixed by versions.
VCID-pryc-r9jn-9bds Aliases: CVE-2018-12378	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	There are no reported fixed by versions.
VCID-rhdv-jxvv-5yb2 Aliases: CVE-2018-18499	A same-origin policy violation allowing the theft of cross-origin URL entries when using a <meta> meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft.	There are no reported fixed by versions.
VCID-wj3c-xpra-vffj Aliases: CVE-2018-12376	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:27:03.227182+00:00	RedHat Importer	Affected by	VCID-bccq-jn4j-8qd8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16541.json	38.0.0
2026-04-01T14:22:24.911904+00:00	RedHat Importer	Affected by	VCID-rhdv-jxvv-5yb2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18499.json	38.0.0
2026-04-01T14:22:24.748129+00:00	RedHat Importer	Affected by	VCID-kbqr-p81f-k3ch	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12383.json	38.0.0
2026-04-01T14:22:24.597507+00:00	RedHat Importer	Affected by	VCID-f4pn-vjxk-ybfx	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12379.json	38.0.0
2026-04-01T14:22:24.515160+00:00	RedHat Importer	Affected by	VCID-pryc-r9jn-9bds	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12378.json	38.0.0
2026-04-01T14:22:24.433490+00:00	RedHat Importer	Affected by	VCID-gr1m-pdaw-a3h1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12377.json	38.0.0
2026-04-01T14:22:24.350189+00:00	RedHat Importer	Affected by	VCID-wj3c-xpra-vffj	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12376.json	38.0.0
2026-04-01T14:22:17.663567+00:00	RedHat Importer	Affected by	VCID-3v78-2fyv-tqht	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12385.json	38.0.0