9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.9%
The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. (CVE-2023-5721) Address bar spoofing via bidirectional characters. (CVE-2023-5732) Large WebGL draw could have led to a crash. (CVE-2023-5724) WebExtensions could open arbitrary URLs. (CVE-2023-5725) Improper object tracking during GC in the JavaScript engine could have led to a crash. (CVE-2023-5728) Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1. (CVE-2023-5730)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | thunderbird | < 115.4.1-1 | thunderbird-115.4.1-1.mga9 |
Mageia | 9 | noarch | thunderbird-l10n | < 115.4.1-1 | thunderbird-l10n-115.4.1-1.mga9 |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.9%