VDB

GCVE-110-MAGEIA-2023-34

GCVE-110-MAGEIA-2023-34
Advisory Published
Vulnetix · Advisory published February 7, 2023
libusrsctp library out of date. (CVE-2022-46871) Arbitrary file read from GTK drag and drop on Linux. (CVE-2023-23598) URL being dragged from cross-origin iframe into same tab triggers navigation. (CVE-2023-23601) Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers. (CVE-2023-23602) Fullscreen notification bypass. (CVE-2022-46877) Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive. (CVE-2023-23603) Memory safety bugs fixed in Thunderbird 102.7. (CVE-2023-23605) Revocation status of S/Mime signature certificates was not checked. (CVE-2023-0430)

Affected Products

VendorProductVersionsPlatforms
Mageiathunderbird-l10n102.7.1-1.mga8 (unaffected), 0 (affected), 0 (affected), 102.7.1-1.mga8 (unaffected)
Mageiathunderbird0 (affected), 102.7.1-1.mga8 (unaffected), 0 (affected), 102.7.1-1.mga8 (unaffected)
Mageiaputty0.78-1.mga8 (unaffected), 0 (affected)

Browse GCVE Records

73,118 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›