{"id":"RHSA-2025:1339","summary":"Red Hat Security Advisory: thunderbird security update","modified":"2026-03-18T10:47:37Z","published":"2025-02-12T10:04:18Z","upstream":["CVE-2025-0510","CVE-2025-1009","CVE-2025-1010","CVE-2025-1011","CVE-2025-1012","CVE-2025-1013","CVE-2025-1014","CVE-2025-1015","CVE-2025-1016","CVE-2025-1017"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343748"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343750"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343752"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343754"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343756"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343759"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343760"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343762"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343764"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343765"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1339.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-0510"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-0510"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-0510"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940570"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1009"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1009"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1009"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936613"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2025-08/"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1010"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1010"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1010"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936982"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1011"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1011"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1011"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936454"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1012"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1012"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1012"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1939710"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1013"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1013"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1013"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1932555"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1014"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1014"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1014"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940804"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1015"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1015"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1015"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1939458"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1016"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1016"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1016"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1936601%2C1936844%2C1937694%2C1938469%2C1939583%2C1940994"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-1017"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-1017"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1017"},{"type":"ARTICLE","url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1926256%2C1935984%2C1935471"}],"affected":[{"package":{"name":"thunderbird","ecosystem":"Red Hat:rhel_aus:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}},{"package":{"name":"thunderbird-debuginfo","ecosystem":"Red Hat:rhel_aus:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}},{"package":{"name":"thunderbird-debugsource","ecosystem":"Red Hat:rhel_aus:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}},{"package":{"name":"thunderbird","ecosystem":"Red Hat:rhel_e4s:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}},{"package":{"name":"thunderbird-debuginfo","ecosystem":"Red Hat:rhel_e4s:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}},{"package":{"name":"thunderbird-debugsource","ecosystem":"Red Hat:rhel_e4s:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}},{"package":{"name":"thunderbird","ecosystem":"Red Hat:rhel_tus:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}},{"package":{"name":"thunderbird-debuginfo","ecosystem":"Red Hat:rhel_tus:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}},{"package":{"name":"thunderbird-debugsource","ecosystem":"Red Hat:rhel_tus:8.4::appstream","purl":"pkg:rpm/redhat/thunderbird-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:128.7.0-1.el8_4"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:1339.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}