Search for packages
| purl | pkg:alpm/archlinux/thunderbird@91.6.2-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-69v9-jknd-aaam
Aliases: CVE-2022-26381 |
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. |
Affected by 9 other vulnerabilities. |
|
VCID-9e79-r9um-aaag
Aliases: CVE-2022-26387 |
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. |
Affected by 9 other vulnerabilities. |
|
VCID-mgv8-uy3t-aaag
Aliases: CVE-2022-26386 |
Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7. |
Affected by 9 other vulnerabilities. |
|
VCID-npyv-g3uj-aaaj
Aliases: CVE-2022-26384 |
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. |
Affected by 9 other vulnerabilities. |
|
VCID-wg4g-7st5-aaab
Aliases: CVE-2022-26383 |
When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. |
Affected by 9 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:45:16.446360+00:00 | Arch Linux Importer | Affected by | VCID-69v9-jknd-aaam | https://security.archlinux.org/AVG-2713 | 36.0.0 |
| 2025-03-28T07:45:16.417325+00:00 | Arch Linux Importer | Affected by | VCID-wg4g-7st5-aaab | https://security.archlinux.org/AVG-2713 | 36.0.0 |
| 2025-03-28T07:45:16.391429+00:00 | Arch Linux Importer | Affected by | VCID-npyv-g3uj-aaaj | https://security.archlinux.org/AVG-2713 | 36.0.0 |
| 2025-03-28T07:45:16.372818+00:00 | Arch Linux Importer | Affected by | VCID-mgv8-uy3t-aaag | https://security.archlinux.org/AVG-2713 | 36.0.0 |
| 2025-03-28T07:45:16.354034+00:00 | Arch Linux Importer | Affected by | VCID-9e79-r9um-aaag | https://security.archlinux.org/AVG-2713 | 36.0.0 |
| 2024-09-18T02:00:12.448545+00:00 | Arch Linux Importer | Affected by | VCID-69v9-jknd-aaam | https://security.archlinux.org/AVG-2713 | 34.0.1 |
| 2024-09-18T02:00:12.423325+00:00 | Arch Linux Importer | Affected by | VCID-wg4g-7st5-aaab | https://security.archlinux.org/AVG-2713 | 34.0.1 |
| 2024-09-18T02:00:12.400172+00:00 | Arch Linux Importer | Affected by | VCID-npyv-g3uj-aaaj | https://security.archlinux.org/AVG-2713 | 34.0.1 |
| 2024-09-18T02:00:12.376722+00:00 | Arch Linux Importer | Affected by | VCID-mgv8-uy3t-aaag | https://security.archlinux.org/AVG-2713 | 34.0.1 |
| 2024-09-18T02:00:12.351496+00:00 | Arch Linux Importer | Affected by | VCID-9e79-r9um-aaag | https://security.archlinux.org/AVG-2713 | 34.0.1 |
| 2024-01-03T22:26:26.811921+00:00 | Arch Linux Importer | Affected by | VCID-69v9-jknd-aaam | https://security.archlinux.org/AVG-2713 | 34.0.0rc1 |
| 2024-01-03T22:26:26.789921+00:00 | Arch Linux Importer | Affected by | VCID-wg4g-7st5-aaab | https://security.archlinux.org/AVG-2713 | 34.0.0rc1 |
| 2024-01-03T22:26:26.763493+00:00 | Arch Linux Importer | Affected by | VCID-npyv-g3uj-aaaj | https://security.archlinux.org/AVG-2713 | 34.0.0rc1 |
| 2024-01-03T22:26:26.741854+00:00 | Arch Linux Importer | Affected by | VCID-mgv8-uy3t-aaag | https://security.archlinux.org/AVG-2713 | 34.0.0rc1 |
| 2024-01-03T22:26:26.720308+00:00 | Arch Linux Importer | Affected by | VCID-9e79-r9um-aaag | https://security.archlinux.org/AVG-2713 | 34.0.0rc1 |