VDB
GCVE-110-MAGEIA-2022-97
GCVE-110-MAGEIA-2022-97
Advisory Published
An attacker could have caused a use-after-free by forcing a text reflow in an
SVG object leading to a potentially exploitable crash (CVE-2022-26381).
When resizing a popup after requesting fullscreen access, the popup would not
display the fullscreen notification (CVE-2022-26383).
If an attacker could control the contents of an iframe sandboxed with
allow-popups but not allow-scripts, they were able to craft a link that, when
clicked, would lead to JavaScript execution in violation of the sandbox
(CVE-2022-26384).
Previously Thunderbird for macOS and Linux would download temporary files to
a user-specific directory in /tmp, but this behavior was changed to download
them to /tmp where they could be affected by other local users. This behavior
was reverted to the original, user-specific directory (CVE-2022-26386).
When installing an add-on, Thunderbird verified the signature before
prompting the user; but while the user was confirming the prompt, the
underlying add-on file could have been modified and Thunderbird would not
have noticed (CVE-2022-26387).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | thunderbird-l10n | 91.7.0-1.mga8 (unaffected), 0 (affected), 0 (affected), 91.7.0-1.mga8 (unaffected) | — |
| Mageia | thunderbird | 0 (affected), 91.7.0-1.mga8 (unaffected), 0 (affected), 91.7.0-1.mga8 (unaffected) | — |
| Mageia | openvpn | 2.5.0-2.3.mga8 (unaffected), 0 (affected) | — |
References
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.