CVE-2025-0510
Publication date 4 February 2025
Last updated 19 June 2026
Ubuntu priority
Description
Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| thunderbird | ||
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Fixed 1:128.12.0+build1-0ubuntu0.22.04.1
|
|
| 20.04 LTS focal | Not in release |
Severity score breakdown
CVSS version: CVSS v3.0
Base score
6.5 · Medium
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References
Related Ubuntu Security Notices (USN)
- USN-7663-1
- Thunderbird vulnerabilities
- 22 July 2025