VDB

GCVE-VVD-MAGEIA-2019-285

GCVE-VVD-MAGEIA-2019-285
Advisory Published
Vulnetix · Advisory published September 21, 2019
The updated thunderbird packages fix security issues: Covert Content Attack on S/MIME encryption using a crafted multipart/ alternative message. (CVE-2019-11739) Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9. (CVE-2019-11740) Same-origin policy violation with SVG filters and canvas to steal cross-origin images. (CVE-2019-11742) Cross-origin access to unload event attributes. (CVE-2019-11743) XSS by breaking out of title and textarea elements using innerHTML. (CVE-2019-11744) Use-after-free while manipulating video. (CVE-2019-11746) Use-after-free while extracting a key value in IndexedDB. (CVE-2019-11752)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiathunderbird-l10n0 (affected), 68.1.0-1.mga7 (unaffected)
Mageiathunderbird0 (affected), 68.1.0-1.1.mga7 (unaffected)

References

Updated thunderbird packages fix security vulnerabilities
advisory
Updated thunderbird packages fix security vulnerabilities
issue
Updated thunderbird packages fix security vulnerabilities
issue
Updated thunderbird packages fix security vulnerabilities
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›