Product:

Thunderbird

(Mozilla)
Repositories https://github.com/libevent/libevent
#Vulnerabilities 1352
Date Id Summary Products Score Patch Annotated
2021-02-26 CVE-2021-23978 Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. Debian_linux, Firefox, Firefox_esr, Thunderbird 8.8
2021-02-26 CVE-2021-23964 Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. Firefox, Firefox_esr, Thunderbird 8.8
2021-03-31 CVE-2021-23981 A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9. Firefox, Firefox_esr, Thunderbird 8.1
2021-03-31 CVE-2021-23987 Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9. Firefox, Firefox_esr, Thunderbird 8.8
2020-07-09 CVE-2020-12405 When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird 5.3
2020-07-09 CVE-2020-12417 Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap 8.8
2020-07-09 CVE-2020-12420 When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap 8.8
2020-08-10 CVE-2020-15655 A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap 6.5
2020-10-01 CVE-2020-15673 Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3. Debian_linux, Firefox, Firefox_esr, Thunderbird, Leap 8.8
2020-10-22 CVE-2020-15683 Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4. Debian_linux, Firefox, Firefox_esr, Thunderbird, Leap 9.8