Vulnerabilities > Mozilla > Thunderbird > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-43537 | Incorrect Type Conversion or Cast vulnerability in multiple products An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. | 8.8 |
| 2021-12-08 | CVE-2021-43539 | Use After Free vulnerability in multiple products Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. | 8.8 |
| 2021-11-03 | CVE-2021-29991 | HTTP Request Smuggling vulnerability in Mozilla Thunderbird Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. | 8.1 |
| 2021-11-03 | CVE-2021-38493 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. | 8.8 |
| 2021-11-03 | CVE-2021-38495 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Mozilla developers reported memory safety bugs present in Thunderbird 78.13.0. | 8.8 |
| 2021-11-03 | CVE-2021-38496 | Use After Free vulnerability in multiple products During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. | 8.8 |
| 2021-11-03 | CVE-2021-38498 | Use After Free vulnerability in Mozilla Firefox During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. | 7.5 |
| 2021-11-03 | CVE-2021-38500 | Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. | 8.8 |
| 2021-11-03 | CVE-2021-38501 | Unspecified vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. | 8.8 |
| 2021-08-17 | CVE-2021-29980 | Missing Initialization of Resource vulnerability in Mozilla Thunderbird Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. | 8.8 |