csaf_suse - suse-su-2025:1366-1

suse-su-2025:1366-1

Vulnerability from csaf_suse

Published

2025-04-24 12:42

Modified

2025-04-24 12:42

Summary

Security update for MozillaThunderbird

Notes

Title of the patch

Security update for MozillaThunderbird

Description of the patch

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 128.9.2 (bsc#1241277) - CVE-2025-3522: Leak of hashed Window credentials via crafted attachment URL - CVE-2025-2830: Information Disclosure of /tmp directory listing - CVE-2025-3523: User Interface (UI) Misrepresentation of attachment URL

Patchnames

SUSE-2025-1366,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1366,SUSE-SLE-Product-WE-15-SP6-2025-1366,openSUSE-SLE-15.6-2025-1366

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for MozillaThunderbird",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for MozillaThunderbird fixes the following issues:\n\n- Mozilla Thunderbird 128.9.2 (bsc#1241277)\n- CVE-2025-3522: Leak of hashed Window credentials via crafted attachment URL\n- CVE-2025-2830: Information Disclosure of /tmp directory listing\n- CVE-2025-3523: User Interface (UI) Misrepresentation of attachment URL\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-1366,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1366,SUSE-SLE-Product-WE-15-SP6-2025-1366,openSUSE-SLE-15.6-2025-1366",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1366-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:1366-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251366-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:1366-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020740.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241277",
        "url": "https://bugzilla.suse.com/1241277"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-2830 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-2830/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-3522 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-3522/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-3523 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-3523/"
      }
    ],
    "title": "Security update for MozillaThunderbird",
    "tracking": {
      "current_release_date": "2025-04-24T12:42:07Z",
      "generator": {
        "date": "2025-04-24T12:42:07Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:1366-1",
      "initial_release_date": "2025-04-24T12:42:07Z",
      "revision_history": [
        {
          "date": "2025-04-24T12:42:07Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
                  "product_id": "MozillaThunderbird-128.9.2-150200.8.209.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
                  "product_id": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
                  "product_id": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
                  "product_id": "MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
                  "product_id": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
                  "product_id": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
                  "product_id": "MozillaThunderbird-128.9.2-150200.8.209.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
                  "product_id": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
                  "product_id": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
                  "product_id": "MozillaThunderbird-128.9.2-150200.8.209.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
                  "product_id": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
                  "product_id": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-128.9.2-150200.8.209.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-128.9.2-150200.8.209.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x"
        },
        "product_reference": "MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x"
        },
        "product_reference": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x"
        },
        "product_reference": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-128.9.2-150200.8.209.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-128.9.2-150200.8.209.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-128.9.2-150200.8.209.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x"
        },
        "product_reference": "MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-128.9.2-150200.8.209.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x"
        },
        "product_reference": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x"
        },
        "product_reference": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-2830",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-2830"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim\u0027s system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-2830",
          "url": "https://www.suse.com/security/cve/CVE-2025-2830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241277 for CVE-2025-2830",
          "url": "https://bugzilla.suse.com/1241277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-24T12:42:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-2830"
    },
    {
      "cve": "CVE-2025-3522",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-3522"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to  determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-3522",
          "url": "https://www.suse.com/security/cve/CVE-2025-3522"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241277 for CVE-2025-3522",
          "url": "https://bugzilla.suse.com/1241277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-24T12:42:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-3522"
    },
    {
      "cve": "CVE-2025-3523",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-3523"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
          "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-3523",
          "url": "https://www.suse.com/security/cve/CVE-2025-3523"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241277 for CVE-2025-3523",
          "url": "https://bugzilla.suse.com/1241277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-common-128.9.2-150200.8.209.1.x86_64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.aarch64",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.ppc64le",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.s390x",
            "openSUSE Leap 15.6:MozillaThunderbird-translations-other-128.9.2-150200.8.209.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-24T12:42:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-3523"
    }
  ]
}

CVE-2025-2830 (GCVE-0-2025-2830)

Vulnerability from cvelistv5

Published

2025-04-15 15:06

Modified

2025-04-15 18:10

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CWE

Information Disclosure of /tmp directory listing

Summary

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.

References

►

URL

Tags

	https://bugzilla.mozilla.org/show_bug.cgi?id=1956379
	https://www.mozilla.org/security/advisories/mfsa2025-26/
	https://www.mozilla.org/security/advisories/mfsa2025-27/

Impacted products

Vendor

Product

Version

►

Mozilla

Thunderbird

Version: unspecified < 137.0.2

Mozilla

Thunderbird

Version: unspecified < 128.9.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-2830",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T17:53:44.520084Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-22",
                "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T18:10:39.280Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "137.0.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "128.9.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Dario Wei\u00dfer"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim\u0027s system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2."
            }
          ],
          "value": "By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim\u0027s system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure of /tmp directory listing",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-15T15:06:13.895Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1956379"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-26/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-27/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2025-2830",
    "datePublished": "2025-04-15T15:06:13.895Z",
    "dateReserved": "2025-03-26T18:56:39.784Z",
    "dateUpdated": "2025-04-15T18:10:39.280Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3523 (GCVE-0-2025-3523)

Vulnerability from cvelistv5

Published

2025-04-15 15:06

Modified

2025-04-15 17:51

Severity ?

6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L

CWE

User Interface (UI) Misrepresentation of attachment URL

Summary

When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.

References

►

URL

Tags

	https://bugzilla.mozilla.org/show_bug.cgi?id=1958385
	https://www.mozilla.org/security/advisories/mfsa2025-26/
	https://www.mozilla.org/security/advisories/mfsa2025-27/

Impacted products

Vendor

Product

Version

►

Mozilla

Thunderbird

Version: unspecified < 137.0.2

Mozilla

Thunderbird

Version: unspecified < 128.9.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-3523",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T17:45:32.075828Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-451",
                "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T17:51:38.126Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "137.0.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "128.9.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Dario Wei\u00dfer"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2."
            }
          ],
          "value": "When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "User Interface (UI) Misrepresentation of attachment URL",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-15T15:06:14.164Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1958385"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-26/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-27/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2025-3523",
    "datePublished": "2025-04-15T15:06:14.164Z",
    "dateReserved": "2025-04-11T15:27:51.919Z",
    "dateUpdated": "2025-04-15T17:51:38.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3522 (GCVE-0-2025-3522)

Vulnerability from cvelistv5

Published

2025-04-15 15:06

Modified

2025-04-15 19:05

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CWE

Leak of hashed Window credentials via crafted attachment URL

Summary

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.

References

►

URL

Tags

	https://bugzilla.mozilla.org/show_bug.cgi?id=1955372
	https://www.mozilla.org/security/advisories/mfsa2025-26/
	https://www.mozilla.org/security/advisories/mfsa2025-27/

Impacted products

Vendor

Product

Version

►

Mozilla

Thunderbird

Version: unspecified < 137.0.2

Mozilla

Thunderbird

Version: unspecified < 128.9.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-3522",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T18:49:37.244746Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-601",
                "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T19:05:13.896Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "137.0.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "128.9.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Dario Wei\u00dfer"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to  determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2."
            }
          ],
          "value": "Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to  determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vulnerability affects Thunderbird \u003c 137.0.2 and Thunderbird \u003c 128.9.2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Leak of hashed Window credentials via crafted attachment URL",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-15T15:06:13.599Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1955372"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-26/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-27/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2025-3522",
    "datePublished": "2025-04-15T15:06:13.599Z",
    "dateReserved": "2025-04-11T15:23:30.875Z",
    "dateUpdated": "2025-04-15T19:05:13.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2025:1366-1

Vulnerability from csaf_suse

CVE-2025-2830 (GCVE-0-2025-2830)

Vulnerability from cvelistv5

CVE-2025-3523 (GCVE-0-2025-3523)

Vulnerability from cvelistv5

CVE-2025-3522 (GCVE-0-2025-3522)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature