Mozilla Thunderbird 128.0.1
Approved changes feed: RSS · Atom
cpe:2.3:a:mozilla:thunderbird:128.0.1:*:*:*:*:*:*:*
part: a version: 128.0.1 update: *
| Vendor | Mozilla (be1b0d4e-21a7-5a25-9982-bbda6ef43ec1) |
|---|---|
| Product | Thunderbird (e5553559-8c71-58cd-a1a6-c5f5cf77e32f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/thunderbird |
purl2cpe | 2026-06-01 10:17:53.769015 |
pkg:mozilla/comm-central |
purl2cpe | 2026-06-01 10:17:53.769017 |
pkg:rpm/fedora/thunderbird |
purl2cpe | 2026-06-01 10:17:53.769018 |
pkg:rpm/opensuse/mozillathunderbird |
purl2cpe | 2026-06-01 10:17:53.769020 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-7529 |
vulnerable | 2026-06-03 14:58:06.112148 |
Details available
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Published: 2024-08-06T12:38:15.245Z
Updated: 2024-08-07T20:55:22.507Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7527 |
vulnerable | 2026-06-03 14:58:06.111027 |
Details available
Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Published: 2024-08-06T12:38:14.698Z
Updated: 2025-03-18T19:05:01.797Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7526 |
vulnerable | 2026-06-03 14:58:06.110071 |
Details available
ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Published: 2024-08-06T12:38:14.456Z
Updated: 2024-09-17T18:14:47.411Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7525 |
vulnerable | 2026-06-03 14:58:06.109332 |
Details available
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Published: 2024-08-06T12:38:14.195Z
Updated: 2024-08-06T22:21:43.959Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7522 |
vulnerable | 2026-06-03 14:58:06.107850 |
Details available
Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Published: 2024-08-06T12:38:13.630Z
Updated: 2024-08-08T16:02:54.096Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7521 |
vulnerable | 2026-06-03 14:58:06.107091 |
Details available
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Published: 2024-08-06T12:38:13.406Z
Updated: 2024-08-07T20:58:56.811Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7519 |
vulnerable | 2026-06-03 14:58:06.103781 |
Details available
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Published: 2024-08-06T12:38:12.854Z
Updated: 2024-08-07T20:49:22.889Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.