CVE-2025-2830
Publication date 15 April 2025
Last updated 22 July 2025
Ubuntu priority
Description
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| thunderbird | 25.04 plucky |
Not affected
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Fixed 1:128.12.0+build1-0ubuntu0.22.04.1
|
|
| 20.04 LTS focal | Not in release |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
6.3 · Medium
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity impact | Low |
| Availability impact | Low |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
References
Related Ubuntu Security Notices (USN)
- USN-7663-1
- Thunderbird vulnerabilities
- 22 July 2025