8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.1%
The updated packages fix security vulnerabilities. Out-of-bound memory access in WebGL2 blitFramebuffer. (CVE-2023-6204) Use-after-free in MessagePort::Entangled. (CVE-2023-6205) Clickjacking permission prompts using the fullscreen transition. (CVE-2023-6206) Use-after-free in ReadableByteStreamQueueEntry::Buffer. (CVE-2023-6207) Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208) Incorrect parsing of relative URLs starting with “///”. (CVE-2023-6209) Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. (CVE-2023-6212)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | thunderbird | < 115.5.1-1 | thunderbird-115.5.1-1.mga9 |
Mageia | 9 | noarch | thunderbird-l10n | < 115.5.1-1 | thunderbird-l10n-115.5.1-1.mga9 |
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.1%