Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2022-3034

Published: 1 September 2022

When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.

Priority

Medium

CVSS 3 base score: 4.3

Status

Package Release Status
thunderbird
Launchpad, Ubuntu, Debian
bionic
Released (1:102.2.2+build1-0ubuntu0.18.04.1)
focal
Released (1:102.2.2+build1-0ubuntu0.20.04.1)
jammy
Released (1:102.2.2+build1-0ubuntu0.22.04.1)
kinetic Needs triage

trusty Ignored
(out of standard support)
upstream
Released (91.13.1)
xenial Needs triage