New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 6.7
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for MozillaThunderbird to version 60.5.1 fixes the following issues :
Security issues fixed (MFSA 2019-06 bsc#1125330):
- CVE-2018-18356: Fixed a Use-after-free in Skia.
- CVE-2019-5785: Fixed an Integer overflow in Skia.
- CVE-2018-18335: Fixed a Buffer overflow in Skia by default deactivating Canvas 2D. This issue does not affect Linuc distributions.
- CVE-2018-18509: Fixed a flaw which during verification of certain S/MIME signatures showing mistekenly that emails bring a valid sugnature.
SolutionUpdate the affected MozillaThunderbird packages.