AVG-1155 log

Package thunderbird
Status Fixed
Severity Critical
Type multiple issues
Affected 68.7.0-2
Fixed 68.8.0-1
Current 128.5.2-1 [extra-testing]
128.5.1-1 [extra]
Ticket None
Created Sat May 9 16:09:34 2020
Issue Severity Remote Type Description
CVE-2020-12397 Low Yes Content spoofing
An spoofing email address issue has been found in Thunderbird before 68.8.0. By encoding Unicode whitespace characters within the From email header, an...
CVE-2020-12395 Critical Yes Arbitrary code execution
Several memory safety bugs has been found in Firefox before 76.0, Firefox ESR before 68.8 and Thunderbird before 68.8.0. Some of these bugs showed evidence...
CVE-2020-12392 Medium Yes Content spoofing
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request in Firefox before 76.0 and Thunderbird before...
CVE-2020-12387 Critical Yes Arbitrary code execution
A race condition has been found in Firefox before 76.0 and Thunderbird before 68.8.0, when running shutdown code for Web Worker, leading to a use-after-free...
CVE-2020-6831 High Yes Arbitrary code execution
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC, in Firefox before 76.0, Thunderbird before 68.8.0 and chromium before...
Date Advisory Package Type
09 May 2020 ASA-202005-7 thunderbird multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/