{"id":"RHSA-2022:5475","summary":"Red Hat Security Advisory: thunderbird security update","modified":"2026-03-11T07:21:26.863556Z","published":"2024-09-16T08:32:54Z","upstream":["CVE-2022-2200","CVE-2022-2226","CVE-2022-31744","CVE-2022-34468","CVE-2022-34470","CVE-2022-34472","CVE-2022-34479","CVE-2022-34481","CVE-2022-34484"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2022:5475"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102161"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102162"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102163"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102164"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102165"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102166"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102168"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102169"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102204"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5475.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-2200"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-2200"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2200"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-2200"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-2200"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-2226"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-2226"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2226"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-2226"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-31744"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-31744"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31744"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-31744"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-34468"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-34468"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34468"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-34468"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-34468"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-34470"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-34470"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34470"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-34470"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-34470"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-34472"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-34472"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34472"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-34472"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-34479"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-34479"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34479"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-34479"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-34481"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-34481"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34481"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-34481"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-34481"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-34484"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-34484"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34484"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-34484"},{"type":"ARTICLE","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-34484"}],"affected":[{"package":{"name":"thunderbird","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/thunderbird"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:91.11.0-2.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:5475.json"}},{"package":{"name":"thunderbird-debuginfo","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/thunderbird-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:91.11.0-2.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:5475.json"}},{"package":{"name":"thunderbird-debugsource","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/thunderbird-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:91.11.0-2.el8_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:5475.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}