Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Ubuntu 22.04 LTS: Thunderbird Important Cross-Site Threats Vuln 7663-1

Calendar Jul 22, 2025 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important thunderbird cross-site
Several security issues were fixed in Thunderbird. 
==========================================================================
Ubuntu Security Notice USN-7663-1
July 22, 2025

thunderbird vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
  thunderbird                     1:128.12.0+build1-0ubuntu0.22.04.1

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart thunderbird to
make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7663-1
  CVE-2024-43097, CVE-2025-0238, CVE-2025-0242, CVE-2025-0510,
  CVE-2025-1009, CVE-2025-1010, CVE-2025-1011, CVE-2025-1012,
  CVE-2025-1013, CVE-2025-1014, CVE-2025-1015, CVE-2025-1016,
  CVE-2025-1017, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,
  CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936,
  CVE-2025-1937, CVE-2025-1938, CVE-2025-26695, CVE-2025-26696,
  CVE-2025-2830, CVE-2025-3028, CVE-2025-3029, CVE-2025-3030,
  CVE-2025-3522, CVE-2025-3523, CVE-2025-3875, CVE-2025-3909,
  CVE-2025-3932, CVE-2025-4083, CVE-2025-4087, CVE-2025-4091,
  CVE-2025-4093, CVE-2025-4918, CVE-2025-4919, CVE-2025-5263,
  CVE-2025-5264, CVE-2025-5265, CVE-2025-5266, CVE-2025-5267,
  CVE-2025-5268, CVE-2025-5269, CVE-2025-5986, CVE-2025-6424,
  CVE-2025-6425, CVE-2025-6426, CVE-2025-6429, CVE-2025-6430

Package Information:
  https://launchpad.net/ubuntu/+source/thunderbird/1:128.12.0+build1-0ubuntu0.22.04.1

Ubuntu 22.04 LTS: Thunderbird Important Cross-Site Threats Vuln 7663-1

ubuntu
Calendar Grey July 22, 2025
Dist Ubuntu Esm H88
Discover critical security issues fixed in Thunderbird for Ubuntu 22.04 LTS, including potential exploits and mitigation steps.
Several security issues were fixed in Thunderbird.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in Thunderbird. Software Description: - thunderbird: Mozilla Open Source mail and newsgroup client Details: Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important thunderbird cross-site

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS thunderbird 1:128.12.0+build1-0ubuntu0.22.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart thunderbird to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7663-1

CVE-2024-43097, CVE-2025-0238, CVE-2025-0242, CVE-2025-0510,

CVE-2025-1009, CVE-2025-1010, CVE-2025-1011, CVE-2025-1012,

CVE-2025-1013, CVE-2025-1014, CVE-2025-1015, CVE-2025-1016,

CVE-2025-1017, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,

CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936,

CVE-2025-1937, CVE-2025-1938, CVE-2025-26695, CVE-2025-26696,

CVE-2025-2830, CVE-2025-3028, CVE-2025-3029, CVE-2025-3030,

CVE-2025-3522, CVE-2025-3523, CVE-2025-3875, CVE-2025-3909,

CVE-2025-3932, CVE-2025-4083, CVE-2025-4087, CVE-2025-4091,

CVE-2025-4093, CVE-2025-4918, CVE-2025-4919, CVE-2025-5263,

CVE-2025-5264, CVE-2025-5265, CVE-2025-5266, CVE-2025-5267,

CVE-2025-5268, CVE-2025-5269, CVE-2025-5986, CVE-2025-6424,

CVE-2025-6425, CVE-2025-6426, CVE-2025-6429, CVE-2025-6430

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7663-1

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important thunderbird cross-site

Package Information

https://launchpad.net/ubuntu/+source/thunderbird/1:128.12.0+build1-0ubuntu0.22.04.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here