VDB

GCVE-110-MAGEIA-2022-163

GCVE-110-MAGEIA-2022-163
Advisory Published
Vulnetix · Advisory published May 6, 2022
Incorrect security status shown after viewing an attached email. (CVE-2022-1520) Fullscreen notification bypass using popups. (CVE-2022-29914) Bypassing permission prompt in nested browsing contexts. (CVE-2022-29909) Leaking browser history with CSS variables. (CVE-2022-29916) iframe sandbox bypass. (CVE-2022-29911) Reader mode bypassed SameSite cookies. (CVE-2022-29912) Speech Synthesis feature not properly disabled. (CVE-2022-29913) Memory safety bugs fixed in Thunderbird 91.9. (CVE-2022-29917)

Affected Products

VendorProductVersionsPlatforms
Mageiathunderbird-l10n0 (affected), 91.9.0-1.mga8 (unaffected), 0 (affected), 91.9.0-1.mga8 (unaffected)
Mageiathunderbird91.9.0-1.mga8 (unaffected), 0 (affected), 0 (affected), 91.9.0-1.mga8 (unaffected)
Mageiakodi0 (affected), 19.5-1.mga8 (unaffected), 19.5-1.mga8.tainted (unaffected), 0 (affected)

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›