vulnerability

MFSA2018-13 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.8 (CVE-2018-5162)

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

May 18, 2018

Added

May 22, 2018

Modified

Mar 27, 2026

Description

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

Solution

mozilla-thunderbird-upgrade-52_8

References

CVE-2018-5162
https://attackerkb.com/topics/CVE-2018-5162
CWE-311
EUVD-EUVD-2018-16947
http://www.mozilla.org/security/announce/2018/mfsa2018-13.html
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-16947

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report