Debian Thunderbird vulnerabilities
931 known vulnerabilities affecting debian/thunderbird.
Total CVEs: 931
CISA KEV (actively exploited): 10
Public exploits: 18
Exploited in wild: 13
Severity breakdown: CRITICAL 166 | HIGH 358 | MEDIUM 317 | LOW 90
Vulnerabilities
Page 32 of 47
CVE-2021-38505 | LOW | CVSS 6.5 | 2021
CVE-2021-38505 [MEDIUM]: firefox
Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and
debian
CVE-2021-38495 | LOW | CVSS 8.8 | 2021
CVE-2021-38495 [HIGH]: thunderbird
Mozilla developers reported memory safety bugs present in Thunderbird 78.13.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.1 and Firefox ESR < 91.1.
Scope: local
bookworm: resolved
bullseye: resolved
forky:
debian
CVE-2020-6825 | CRITICAL | CVSS 9.8 | fixed in firefox 75.0-1 (sid) | 2020
CVE-2020-6825 [CRITICAL]: firefox
Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR <
debian
CVE-2020-6831 | CRITICAL | CVSS 9.8 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
CVE-2020-6831 [CRITICAL]: chromium
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1)
bullseye: resolved (fixed in 83.0.4103.83-1)
forky: resolved
debian
CVE-2020-15683 | CRITICAL | CVSS 9.8 | fixed in firefox 82.0-1 (sid) | 2020
CVE-2020-15683 [CRITICAL]: firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4.
Scope: l
debian
CVE-2020-6814 | CRITICAL | CVSS 9.8 | fixed in firefox 74.0-1 (sid) | 2020
CVE-2020-6814 [CRITICAL]: firefox
Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
Scope: local
sid
debian
CVE-2020-12395 | CRITICAL | CVSS 9.8 | fixed in firefox 76.0-1 (sid) | 2020
CVE-2020-12395 [CRITICAL]: firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
Scope:
debian
CVE-2020-12420 | HIGH | CVSS 8.8 | fixed in firefox 78.0-1 (sid) | 2020
CVE-2020-12420 [HIGH]: firefox
When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
Scope: local
sid: resolved (fixed in 78.0-1)
debian
CVE-2020-15678 | HIGH | CVSS 8.8 | fixed in firefox 81.0-1 (sid) | 2020
CVE-2020-15678 [HIGH]: firefox
When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
Scope: local
sid: reso
debian
CVE-2020-6819 | HIGH | CVSS 8.1 | KEV | fixed in firefox 74.0.1-1 (sid) | 2020
CVE-2020-6819 [HIGH]: firefox
Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
Scope: local
sid: resolved (fixed in 74.0.1-1)
debian
CVE-2020-6807 | HIGH | CVSS 8.8 | fixed in firefox 74.0-1 (sid) | 2020
CVE-2020-6807 [HIGH]: firefox
When a device was changed while a stream was about to be destroyed, the stream-reinit task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
Scope: local
sid: resolved (fixed in 74.0-1)
debian
CVE-2020-15685 | HIGH | CVSS 8.8 | fixed in thunderbird 1:78.7.0-1 (bookworm) | 2020
CVE-2020-15685 [HIGH]: thunderbird
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
Scope: local
bookworm: resolved (fixed in 1:78.7.0-1)
bullseye: resolved (fixed in 1:78.7.0-1)
forky: resolved (fixed in 1:78.7.0-1)
sid: resolved (fixed in 1:78.7.0-1)
debian
CVE-2020-6463 | HIGH | CVSS 8.8 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
CVE-2020-6463 [HIGH]: chromium
Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1)
bullseye: resolved (fixed in 83.0.4103.83-1)
forky: resolved (fixed in 83.0.4103.83-1)
sid: resolved (fixed in 83.0.4103.83-1)
trixie: resolved (fixed in 83.
debian
CVE-2020-15656 | HIGH | CVSS 8.8 | fixed in firefox 79.0-1 (sid) | 2020
CVE-2020-15656 [HIGH]: firefox
JIT optimizations involving the JavaScript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, so this bug was rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
Scope: local
sid: resolved (fixed in 79.0-1)
debian
CVE-2020-26974 | HIGH | CVSS 8.8 | fixed in firefox 84.0-1 (sid) | 2020
CVE-2020-26974 [HIGH]: firefox
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
Scope: local
sid: resolved (fixed in 84.0-1)
debian
CVE-2020-26960 | HIGH | CVSS 8.8 | fixed in firefox 83.0-1 (sid) | 2020
CVE-2020-26960 [HIGH]: firefox
If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
Scope: local
sid: resolved (fixed in 83.0-1)
debian
CVE-2020-15673 | HIGH | CVSS 8.8 | fixed in firefox 81.0-1 (sid) | 2020
CVE-2020-15673 [HIGH]: firefox
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
Scope: local
sid: resolved (fixed
debian
CVE-2020-6806 | HIGH | CVSS 8.8 | fixed in firefox 74.0-1 (sid) | 2020
CVE-2020-6806 [HIGH]: firefox
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
Scope: local
sid: resolved (fixed in 74.0
debian
CVE-2020-15659 | HIGH | CVSS 8.8 | fixed in firefox 79.0-1 (sid) | 2020
CVE-2020-15659 [HIGH]: firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 6
debian
CVE-2020-26970 | HIGH | CVSS 8.8 | fixed in thunderbird 1:78.5.1-1 (bookworm) | 2020
CVE-2020-26970 [HIGH]: thunderbird
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird < 78.5.1.
Scope: local
bookworm: resolved (fixed in 1:78.5.1-1)
bullse
debian