Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE: 2025:01946-1 important: MozillaThunderbird security update

suse
Calendar Grey June 13, 2025
Dist Suse Esm H88
SUSE releases a crucial enhancement for MozillaThunderbird to tackle various security flaws and strengthen protection measures.
* bsc#1243353 Cross-References: * CVE-2025-5262 * CVE-2025-5263

Summary

## This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.11 (MFSA 2025-46, bsc#1243353): * CVE-2025-5262: Double-free in libvpx encoder (bmo#1962421) * CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content (bmo#1960745) * CVE-2025-5264: Potential local code execution in "Copy as cURL" command (bmo#1950001) * CVE-2025-5265: Potential local code execution in "Copy as cURL" command (bmo#1962301) * CVE-2025-5266: Script element events leaked cross-origin resource status (bmo#1965628) * CVE-2025-5267: Clickjacking vulnerability could have led to leaking saved payment card details (bmo#1954137) * CVE-2025-5268: Memory safety bugs fixed in Firefox 139, Thunderbird 139,

References

* bsc#1243353

Cross-

* CVE-2025-5262

* CVE-2025-5263

* CVE-2025-5264

* CVE-2025-5265

* CVE-2025-5266

* CVE-2025-5267

* CVE-2025-5268

* CVE-2025-5269

CVSS scores:

* CVE-2025-5262 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-5263 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

* CVE-2025-5263 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

* CVE-2025-5264 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-5264 ( NVD ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-5265 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-5265 ( NVD ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-5266 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:01946-1
Release Date: 2025-06-13T10:17:13Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here