Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Debian Stable: DSA-5921-1 critical: thunderbird mail header spoofing

debian
Calendar Grey May 16, 2025
Debian Logo
Mozilla Thunderbird presents several security flaws that could potentially enable mail header manipulation, execution of JavaScript, and unauthorized information disclosures.
Multiple security issues were discovered in Thunderbird, which could result in spoofing of From: mail headers, execution of JavaScript or information disclosure

Summary

Multiple security issues were discovered in Thunderbird, which could
result in spoofing of From: mail headers, execution of JavaScript or
information disclosure.

For the stable distribution (bookworm), these problems have been fixed in
version 1:128.10.1esr-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: thunderbird
CVE ID: CVE-2025-3875 CVE-2025-3877 CVE-2025-3909 CVE-2025-3932

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here