| 0 |
| url |
VCID-1bt3-9xbp-3ugu |
| vulnerability_id |
VCID-1bt3-9xbp-3ugu |
| summary |
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43537
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1bt3-9xbp-3ugu |
|
| 1 |
| url |
VCID-1cnr-28vc-sqcy |
| vulnerability_id |
VCID-1cnr-28vc-sqcy |
| summary |
Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29980
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1cnr-28vc-sqcy |
|
| 2 |
| url |
VCID-1h7r-rcqz-abay |
| vulnerability_id |
VCID-1h7r-rcqz-abay |
| summary |
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash.
*Note: This issue only affected x86-32 platforms. Other platforms are unaffected.* |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29945
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1h7r-rcqz-abay |
|
| 3 |
| url |
VCID-1nmu-sdab-2yhh |
| vulnerability_id |
VCID-1nmu-sdab-2yhh |
| summary |
If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-2200
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1nmu-sdab-2yhh |
|
| 4 |
| url |
VCID-1rhs-t2kk-pyh5 |
| vulnerability_id |
VCID-1rhs-t2kk-pyh5 |
| summary |
Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22737
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1rhs-t2kk-pyh5 |
|
| 5 |
| url |
VCID-25bh-n5g8-w7fz |
| vulnerability_id |
VCID-25bh-n5g8-w7fz |
| summary |
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-1529
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-25bh-n5g8-w7fz |
|
| 6 |
| url |
VCID-38br-a5x4-ska5 |
| vulnerability_id |
VCID-38br-a5x4-ska5 |
| summary |
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-29916
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-38br-a5x4-ska5 |
|
| 7 |
| url |
VCID-3fws-ejra-mfa8 |
| vulnerability_id |
VCID-3fws-ejra-mfa8 |
| summary |
An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-4127
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3fws-ejra-mfa8 |
|
| 8 |
| url |
VCID-3qt5-w1we-67hp |
| vulnerability_id |
VCID-3qt5-w1we-67hp |
| summary |
When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-28285
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3qt5-w1we-67hp |
|
| 9 |
| url |
VCID-3xnh-sesb-bfbv |
| vulnerability_id |
VCID-3xnh-sesb-bfbv |
| summary |
If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-34472
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3xnh-sesb-bfbv |
|
| 10 |
| url |
VCID-473a-9b6z-bufs |
| vulnerability_id |
VCID-473a-9b6z-bufs |
| summary |
The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as same-origin with HTTP. This was resolved by disabling the Opportunistic Encryption feature, which had low usage. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38507
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-473a-9b6z-bufs |
|
| 11 |
| url |
VCID-49pe-xh4r-uqab |
| vulnerability_id |
VCID-49pe-xh4r-uqab |
| summary |
Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22738
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-49pe-xh4r-uqab |
|
| 12 |
| url |
VCID-4dx9-1499-gqcz |
| vulnerability_id |
VCID-4dx9-1499-gqcz |
| summary |
Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. *This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.* |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-26386
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4dx9-1499-gqcz |
|
| 13 |
| url |
VCID-4xhj-hee5-9qes |
| vulnerability_id |
VCID-4xhj-hee5-9qes |
| summary |
An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-29911
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4xhj-hee5-9qes |
|
| 14 |
| url |
VCID-5fw4-9nf9-h3d7 |
| vulnerability_id |
VCID-5fw4-9nf9-h3d7 |
| summary |
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23994
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5fw4-9nf9-h3d7 |
|
| 15 |
| url |
VCID-5h5r-wcta-a7au |
| vulnerability_id |
VCID-5h5r-wcta-a7au |
| summary |
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29986
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5h5r-wcta-a7au |
|
| 16 |
| url |
VCID-65qx-jkez-8fgd |
| vulnerability_id |
VCID-65qx-jkez-8fgd |
| summary |
If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29957
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-65qx-jkez-8fgd |
|
| 17 |
| url |
VCID-6drt-9b2u-m3hh |
| vulnerability_id |
VCID-6drt-9b2u-m3hh |
| summary |
Thunderbird unexpectedly enabled JavaScript in the composition area.
The JavaScript execution context was limited to this area and did not
receive chrome-level privileges, but could be used as a stepping stone
to further an attack with other vulnerabilities. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43528
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6drt-9b2u-m3hh |
|
| 18 |
| url |
VCID-6k79-gy9s-33h4 |
| vulnerability_id |
VCID-6k79-gy9s-33h4 |
| summary |
Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-22764
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6k79-gy9s-33h4 |
|
| 19 |
| url |
VCID-6krg-whdf-sbfp |
| vulnerability_id |
VCID-6krg-whdf-sbfp |
| summary |
Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43542
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6krg-whdf-sbfp |
|
| 20 |
| url |
VCID-6mx3-erwd-9fb6 |
| vulnerability_id |
VCID-6mx3-erwd-9fb6 |
| summary |
When receiving an OpenPGP/MIME signed email message that contains an
additional outer MIME message layer, for example a message footer added by a
mailing list gateway, Thunderbird only considered the inner signed message for
the signature validity. This gave the false impression that the additional contents
were also covered by the digital signature. Starting with Thunderbird version 91.4.1,
only the signature that belongs to the top level MIME part will be considered for
the displayed status. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-4126
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6mx3-erwd-9fb6 |
|
| 21 |
|
| 22 |
| url |
VCID-7ex1-ufcv-5yg8 |
| vulnerability_id |
VCID-7ex1-ufcv-5yg8 |
| summary |
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23999
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7ex1-ufcv-5yg8 |
|
| 23 |
| url |
VCID-7juy-9d9m-q3ak |
| vulnerability_id |
VCID-7juy-9d9m-q3ak |
| summary |
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-31747
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7juy-9d9m-q3ak |
|
| 24 |
| url |
VCID-7nqh-truu-7khb |
| vulnerability_id |
VCID-7nqh-truu-7khb |
| summary |
Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29946
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7nqh-truu-7khb |
|
| 25 |
| url |
VCID-7s6p-8cx2-bybs |
| vulnerability_id |
VCID-7s6p-8cx2-bybs |
| summary |
Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38509
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7s6p-8cx2-bybs |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
| url |
VCID-8th2-q8wd-tyec |
| vulnerability_id |
VCID-8th2-q8wd-tyec |
| summary |
The Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-34484
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8th2-q8wd-tyec |
|
| 30 |
| url |
VCID-8x8f-1u2g-subu |
| vulnerability_id |
VCID-8x8f-1u2g-subu |
| summary |
A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43535
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8x8f-1u2g-subu |
|
| 31 |
|
| 32 |
| url |
VCID-918z-26zm-67hc |
| vulnerability_id |
VCID-918z-26zm-67hc |
| summary |
Mozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar, and Olli Pettay reported memory safety bugs present in Thunderbird 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29989
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-918z-26zm-67hc |
|
| 33 |
| url |
VCID-9ecm-dv8p-7ydz |
| vulnerability_id |
VCID-9ecm-dv8p-7ydz |
| summary |
When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-1520
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9ecm-dv8p-7ydz |
|
| 34 |
| url |
VCID-9nc3-6nbk-cqgs |
| vulnerability_id |
VCID-9nc3-6nbk-cqgs |
| summary |
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-22754
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9nc3-6nbk-cqgs |
|
| 35 |
| url |
VCID-ab23-e5u8-ykck |
| vulnerability_id |
VCID-ab23-e5u8-ykck |
| summary |
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29948
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ab23-e5u8-ykck |
|
| 36 |
| url |
VCID-awaj-87fh-hbfj |
| vulnerability_id |
VCID-awaj-87fh-hbfj |
| summary |
Mozilla developers and community members Christian Holler, Valentin Gosu, and Andrew McCreight reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43534
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-awaj-87fh-hbfj |
|
| 37 |
|
| 38 |
| url |
VCID-bnuz-8g1t-ybc2 |
| vulnerability_id |
VCID-bnuz-8g1t-ybc2 |
| summary |
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38503
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bnuz-8g1t-ybc2 |
|
| 39 |
| url |
VCID-bv8a-p6r5-17cz |
| vulnerability_id |
VCID-bv8a-p6r5-17cz |
| summary |
If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-28281
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8a-p6r5-17cz |
|
| 40 |
| url |
VCID-bvhn-6mnr-vyas |
| vulnerability_id |
VCID-bvhn-6mnr-vyas |
| summary |
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-31742
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bvhn-6mnr-vyas |
|
| 41 |
| url |
VCID-c8kq-mxnk-rugf |
| vulnerability_id |
VCID-c8kq-mxnk-rugf |
| summary |
Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43539
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c8kq-mxnk-rugf |
|
| 42 |
|
| 43 |
| url |
VCID-ceu2-6hth-pqhp |
| vulnerability_id |
VCID-ceu2-6hth-pqhp |
| summary |
In the nsTArray_Impl::ReplaceElementsAt() function, an integer overflow could have occurred when the number of elements to replace was too large for the container. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-34481
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ceu2-6hth-pqhp |
|
| 44 |
| url |
VCID-ceyf-44hp-4yas |
| vulnerability_id |
VCID-ceyf-44hp-4yas |
| summary |
Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22748
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ceyf-44hp-4yas |
|
| 45 |
| url |
VCID-cjrw-f991-e7fr |
| vulnerability_id |
VCID-cjrw-f991-e7fr |
| summary |
Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Thunderbird 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38500
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cjrw-f991-e7fr |
|
| 46 |
|
| 47 |
| url |
VCID-d33d-6x1s-kyfp |
| vulnerability_id |
VCID-d33d-6x1s-kyfp |
| summary |
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23993
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d33d-6x1s-kyfp |
|
| 48 |
| url |
VCID-d78u-x2t8-vkfg |
| vulnerability_id |
VCID-d78u-x2t8-vkfg |
| summary |
When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38504
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d78u-x2t8-vkfg |
|
| 49 |
| url |
VCID-d87g-azms-gqbm |
| vulnerability_id |
VCID-d87g-azms-gqbm |
| summary |
Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.Note: This advisory was added on January 17, 2023 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Thunderbird 91.3. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43529
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d87g-azms-gqbm |
|
| 50 |
| url |
VCID-dgm8-wwst-kbe2 |
| vulnerability_id |
VCID-dgm8-wwst-kbe2 |
| summary |
An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-31744
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dgm8-wwst-kbe2 |
|
| 51 |
| url |
VCID-dh5x-c794-tqbw |
| vulnerability_id |
VCID-dh5x-c794-tqbw |
| summary |
If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-26384
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5x-c794-tqbw |
|
| 52 |
| url |
VCID-du9t-tmex-akfm |
| vulnerability_id |
VCID-du9t-tmex-akfm |
| summary |
Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-28289
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-du9t-tmex-akfm |
|
| 53 |
| url |
VCID-dvbc-un9c-dka7 |
| vulnerability_id |
VCID-dvbc-un9c-dka7 |
| summary |
Mozilla developers and community members Matthew Gregan, Tyson Smith, Julien Wajsberg, and Alexis Beingessner reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23987
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dvbc-un9c-dka7 |
|
| 54 |
| url |
VCID-egmy-hc3v-eyen |
| vulnerability_id |
VCID-egmy-hc3v-eyen |
| summary |
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29950
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-egmy-hc3v-eyen |
|
| 55 |
| url |
VCID-et8w-z5dr-ryaz |
| vulnerability_id |
VCID-et8w-z5dr-ryaz |
| summary |
An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email's date will be shown. If the dates were different, then Thunderbird didn't report the email as having an invalid signature. If an attacker performed a replay attack, in which an old email with old contents are resent at a later time, it could lead the victim to believe that the statements in the email are current. Fixed versions of Thunderbird will require that the signature's date roughly matches the displayed date of the email. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-2226
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-et8w-z5dr-ryaz |
|
| 56 |
| url |
VCID-ewjv-u485-dqg9 |
| vulnerability_id |
VCID-ewjv-u485-dqg9 |
| summary |
If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29969
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ewjv-u485-dqg9 |
|
| 57 |
|
| 58 |
| url |
VCID-f9nt-79kq-6kbf |
| vulnerability_id |
VCID-f9nt-79kq-6kbf |
| summary |
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-31738
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f9nt-79kq-6kbf |
|
| 59 |
| url |
VCID-fhb3-5sbs-s7cq |
| vulnerability_id |
VCID-fhb3-5sbs-s7cq |
| summary |
When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23995
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fhb3-5sbs-s7cq |
|
| 60 |
| url |
VCID-fn1d-vq36-mkeu |
| vulnerability_id |
VCID-fn1d-vq36-mkeu |
| summary |
When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-26387
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1d-vq36-mkeu |
|
| 61 |
|
| 62 |
| url |
VCID-gphr-qsyj-63gz |
| vulnerability_id |
VCID-gphr-qsyj-63gz |
| summary |
Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-28286
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gphr-qsyj-63gz |
|
| 63 |
| url |
VCID-gtat-vu5d-7qgu |
| vulnerability_id |
VCID-gtat-vu5d-7qgu |
| summary |
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-1802
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gtat-vu5d-7qgu |
|
| 64 |
| url |
VCID-gu45-bq8y-wude |
| vulnerability_id |
VCID-gu45-bq8y-wude |
| summary |
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43546
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gu45-bq8y-wude |
|
| 65 |
| url |
VCID-h4xg-mvnj-fbd6 |
| vulnerability_id |
VCID-h4xg-mvnj-fbd6 |
| summary |
When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a revocation reason, were unaffected. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-1197
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h4xg-mvnj-fbd6 |
|
| 66 |
| url |
VCID-h7ha-a8cy-xber |
| vulnerability_id |
VCID-h7ha-a8cy-xber |
| summary |
If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-22756
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h7ha-a8cy-xber |
|
| 67 |
| url |
VCID-hg2h-8qks-y3df |
| vulnerability_id |
VCID-hg2h-8qks-y3df |
| summary |
Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-22761
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hg2h-8qks-y3df |
|
| 68 |
|
| 69 |
| url |
VCID-j7v9-pfg1-v3c7 |
| vulnerability_id |
VCID-j7v9-pfg1-v3c7 |
| summary |
Mozilla developers Emil Ghitta, Tyson Smith, Valentin Gosu, Olli Pettay, and Randell Jesup reported memory safety bugs present in Firefox 89 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29976
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j7v9-pfg1-v3c7 |
|
| 70 |
| url |
VCID-jf7m-tfa7-rkf1 |
| vulnerability_id |
VCID-jf7m-tfa7-rkf1 |
| summary |
Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-29917
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jf7m-tfa7-rkf1 |
|
| 71 |
| url |
VCID-k2j6-9g1f-5fh7 |
| vulnerability_id |
VCID-k2j6-9g1f-5fh7 |
| summary |
Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22740
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k2j6-9g1f-5fh7 |
|
| 72 |
| url |
VCID-kgd7-w1fh-juaq |
| vulnerability_id |
VCID-kgd7-w1fh-juaq |
| summary |
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-1834
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kgd7-w1fh-juaq |
|
| 73 |
| url |
VCID-maga-jq3w-1bfk |
| vulnerability_id |
VCID-maga-jq3w-1bfk |
| summary |
Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory safety bugs present in Firefox 88 and Firefox ESR 78.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29967
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-maga-jq3w-1bfk |
|
| 74 |
| url |
VCID-mdqf-k97m-h3hx |
| vulnerability_id |
VCID-mdqf-k97m-h3hx |
| summary |
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-29914
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mdqf-k97m-h3hx |
|
| 75 |
|
| 76 |
| url |
VCID-mnc8-vfr4-s7a2 |
| vulnerability_id |
VCID-mnc8-vfr4-s7a2 |
| summary |
A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23984
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mnc8-vfr4-s7a2 |
|
| 77 |
|
| 78 |
| url |
VCID-mua8-1ggh-r7dr |
| vulnerability_id |
VCID-mua8-1ggh-r7dr |
| summary |
When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43541
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mua8-1ggh-r7dr |
|
| 79 |
| url |
VCID-mv47-mh43-wfg1 |
| vulnerability_id |
VCID-mv47-mh43-wfg1 |
| summary |
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug only affected Firefox when accessibility was enabled.* |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29970
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mv47-mh43-wfg1 |
|
| 80 |
| url |
VCID-myk6-n88n-s7bu |
| vulnerability_id |
VCID-myk6-n88n-s7bu |
| summary |
When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29949
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-myk6-n88n-s7bu |
|
| 81 |
| url |
VCID-n657-bctg-1few |
| vulnerability_id |
VCID-n657-bctg-1few |
| summary |
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29984
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n657-bctg-1few |
|
| 82 |
| url |
VCID-n78y-94vg-6kek |
| vulnerability_id |
VCID-n78y-94vg-6kek |
| summary |
Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38502
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n78y-94vg-6kek |
|
| 83 |
| url |
VCID-ncap-puz5-x7hj |
| vulnerability_id |
VCID-ncap-puz5-x7hj |
| summary |
Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43543
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ncap-puz5-x7hj |
|
| 84 |
| url |
VCID-nm7b-hwnd-eud6 |
| vulnerability_id |
VCID-nm7b-hwnd-eud6 |
| summary |
The rust regex crate did not properly prevent crafted regular expressions from taking an arbitrary amount of time during parsing. If an attacker was able to supply input to this crate, they could have caused a denial of service in the browser. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-24713
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nm7b-hwnd-eud6 |
|
| 85 |
|
| 86 |
| url |
VCID-ntuu-tveg-fbht |
| vulnerability_id |
VCID-ntuu-tveg-fbht |
| summary |
If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-22759
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ntuu-tveg-fbht |
|
| 87 |
| url |
VCID-nwsq-gzra-v3b4 |
| vulnerability_id |
VCID-nwsq-gzra-v3b4 |
| summary |
By using a link with rel="localization" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-28282
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nwsq-gzra-v3b4 |
|
| 88 |
| url |
VCID-pbb1-awzh-1ub2 |
| vulnerability_id |
VCID-pbb1-awzh-1ub2 |
| summary |
By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43538
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pbb1-awzh-1ub2 |
|
| 89 |
| url |
VCID-ppcj-1ng5-53hq |
| vulnerability_id |
VCID-ppcj-1ng5-53hq |
| summary |
When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-24002
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ppcj-1ng5-53hq |
|
| 90 |
|
| 91 |
| url |
VCID-rasy-rzuh-bybu |
| vulnerability_id |
VCID-rasy-rzuh-bybu |
| summary |
When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22742
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rasy-rzuh-bybu |
|
| 92 |
| url |
VCID-rhs1-h4t5-qfhn |
| vulnerability_id |
VCID-rhs1-h4t5-qfhn |
| summary |
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2022-22760
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rhs1-h4t5-qfhn |
|
| 93 |
|
| 94 |
|
| 95 |
| url |
VCID-stux-gscm-skgj |
| vulnerability_id |
VCID-stux-gscm-skgj |
| summary |
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22743
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-stux-gscm-skgj |
|
| 96 |
| url |
VCID-sze6-7w2j-5qgx |
| vulnerability_id |
VCID-sze6-7w2j-5qgx |
| summary |
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-29909
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sze6-7w2j-5qgx |
|
| 97 |
| url |
VCID-t42j-3sa7-dbdz |
| vulnerability_id |
VCID-t42j-3sa7-dbdz |
| summary |
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23982
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t42j-3sa7-dbdz |
|
| 98 |
|
| 99 |
| url |
VCID-u2rj-qhkw-uqgf |
| vulnerability_id |
VCID-u2rj-qhkw-uqgf |
| summary |
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. *This bug only affects Firefox for Linux. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-34479
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u2rj-qhkw-uqgf |
|
| 100 |
| url |
VCID-unnb-hcmb-tqep |
| vulnerability_id |
VCID-unnb-hcmb-tqep |
| summary |
By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38508
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-unnb-hcmb-tqep |
|
| 101 |
| url |
VCID-uqnd-w9j9-9yh7 |
| vulnerability_id |
VCID-uqnd-w9j9-9yh7 |
| summary |
A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23981
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uqnd-w9j9-9yh7 |
|
| 102 |
| url |
VCID-uutx-g45d-1khs |
| vulnerability_id |
VCID-uutx-g45d-1khs |
| summary |
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23992
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uutx-g45d-1khs |
|
| 103 |
| url |
VCID-v22e-ctub-efbx |
| vulnerability_id |
VCID-v22e-ctub-efbx |
| summary |
During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38496
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v22e-ctub-efbx |
|
| 104 |
|
| 105 |
|
| 106 |
| url |
VCID-w3cg-uv84-q3g5 |
| vulnerability_id |
VCID-w3cg-uv84-q3g5 |
| summary |
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38506
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w3cg-uv84-q3g5 |
|
| 107 |
| url |
VCID-w6kt-w2ua-myfm |
| vulnerability_id |
VCID-w6kt-w2ua-myfm |
| summary |
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-30547
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w6kt-w2ua-myfm |
|
| 108 |
| url |
VCID-wfu5-qgs8-13ht |
| vulnerability_id |
VCID-wfu5-qgs8-13ht |
| summary |
After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22747
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wfu5-qgs8-13ht |
|
| 109 |
| url |
VCID-wqye-9ny7-e7a3 |
| vulnerability_id |
VCID-wqye-9ny7-e7a3 |
| summary |
Thunderbird incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29988
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wqye-9ny7-e7a3 |
|
| 110 |
| url |
VCID-wrq2-8htg-eqd3 |
| vulnerability_id |
VCID-wrq2-8htg-eqd3 |
| summary |
Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-38493
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wrq2-8htg-eqd3 |
|
| 111 |
| url |
VCID-wt46-dnb6-53g6 |
| vulnerability_id |
VCID-wt46-dnb6-53g6 |
| summary |
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29956
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wt46-dnb6-53g6 |
|
| 112 |
| url |
VCID-xc8x-cub9-pkcd |
| vulnerability_id |
VCID-xc8x-cub9-pkcd |
| summary |
If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice's key with an invalid subkey, Thunderbird might subsequently attempt to use the invalid subkey, and will fail to send encrypted email to Alice. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23991
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xc8x-cub9-pkcd |
|
| 113 |
| url |
VCID-xdkv-a1r9-puc9 |
| vulnerability_id |
VCID-xdkv-a1r9-puc9 |
| summary |
Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-43536
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xdkv-a1r9-puc9 |
|
| 114 |
| url |
VCID-xnm6-t57z-nbde |
| vulnerability_id |
VCID-xnm6-t57z-nbde |
| summary |
Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22751
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xnm6-t57z-nbde |
|
| 115 |
| url |
VCID-xv8k-7bdk-wffg |
| vulnerability_id |
VCID-xv8k-7bdk-wffg |
| summary |
On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-31740
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xv8k-7bdk-wffg |
|
| 116 |
| url |
VCID-yfmn-xrkm-dycf |
| vulnerability_id |
VCID-yfmn-xrkm-dycf |
| summary |
Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-4129
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yfmn-xrkm-dycf |
|
| 117 |
| url |
VCID-yny3-7vjj-kyga |
| vulnerability_id |
VCID-yny3-7vjj-kyga |
| summary |
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-29985
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yny3-7vjj-kyga |
|
| 118 |
| url |
VCID-ywbj-pvzd-77f5 |
| vulnerability_id |
VCID-ywbj-pvzd-77f5 |
| summary |
Thunderbird users who use the Matrix chat protocol were vulnerable
to a buffer overflow in libolm, that an attacker may trigger by a crafted
sequence of messages. The overflow content is partially controllable
by the attacker and limited to ASCII spaces and digits. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-44538
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ywbj-pvzd-77f5 |
|
| 119 |
|
| 120 |
| url |
VCID-zhwx-775r-t7fy |
| vulnerability_id |
VCID-zhwx-775r-t7fy |
| summary |
NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-1097
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zhwx-775r-t7fy |
|
| 121 |
| url |
VCID-zjej-aua1-abbc |
| vulnerability_id |
VCID-zjej-aua1-abbc |
| summary |
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23998
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zjej-aua1-abbc |
|
| 122 |
| url |
VCID-zuvn-gw4m-47c9 |
| vulnerability_id |
VCID-zuvn-gw4m-47c9 |
| summary |
Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| purl |
pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1bt3-9xbp-3ugu |
|
| 1 |
| vulnerability |
VCID-1nmu-sdab-2yhh |
|
| 2 |
| vulnerability |
VCID-1rhs-t2kk-pyh5 |
|
| 3 |
| vulnerability |
VCID-25bh-n5g8-w7fz |
|
| 4 |
| vulnerability |
VCID-38br-a5x4-ska5 |
|
| 5 |
| vulnerability |
VCID-3qt5-w1we-67hp |
|
| 6 |
| vulnerability |
VCID-3xnh-sesb-bfbv |
|
| 7 |
| vulnerability |
VCID-473a-9b6z-bufs |
|
| 8 |
| vulnerability |
VCID-49pe-xh4r-uqab |
|
| 9 |
| vulnerability |
VCID-4dx9-1499-gqcz |
|
| 10 |
| vulnerability |
VCID-4xhj-hee5-9qes |
|
| 11 |
| vulnerability |
VCID-6drt-9b2u-m3hh |
|
| 12 |
| vulnerability |
VCID-6k79-gy9s-33h4 |
|
| 13 |
| vulnerability |
VCID-6krg-whdf-sbfp |
|
| 14 |
| vulnerability |
VCID-6mx3-erwd-9fb6 |
|
| 15 |
| vulnerability |
VCID-6yc1-jutk-1fcz |
|
| 16 |
| vulnerability |
VCID-7juy-9d9m-q3ak |
|
| 17 |
| vulnerability |
VCID-7s6p-8cx2-bybs |
|
| 18 |
| vulnerability |
VCID-8mx3-68nj-wkhc |
|
| 19 |
| vulnerability |
VCID-8pg7-szzq-mqc6 |
|
| 20 |
| vulnerability |
VCID-8sqq-nnpq-pkc2 |
|
| 21 |
| vulnerability |
VCID-8th2-q8wd-tyec |
|
| 22 |
| vulnerability |
VCID-8x8f-1u2g-subu |
|
| 23 |
| vulnerability |
VCID-8xck-dpza-gbaj |
|
| 24 |
| vulnerability |
VCID-9ecm-dv8p-7ydz |
|
| 25 |
| vulnerability |
VCID-9nc3-6nbk-cqgs |
|
| 26 |
| vulnerability |
VCID-awaj-87fh-hbfj |
|
| 27 |
| vulnerability |
VCID-b4nd-9kkf-guhe |
|
| 28 |
| vulnerability |
VCID-bnuz-8g1t-ybc2 |
|
| 29 |
| vulnerability |
VCID-bv8a-p6r5-17cz |
|
| 30 |
| vulnerability |
VCID-bvhn-6mnr-vyas |
|
| 31 |
| vulnerability |
VCID-c8kq-mxnk-rugf |
|
| 32 |
| vulnerability |
VCID-cbtq-agxw-57f7 |
|
| 33 |
| vulnerability |
VCID-ceu2-6hth-pqhp |
|
| 34 |
| vulnerability |
VCID-ceyf-44hp-4yas |
|
| 35 |
| vulnerability |
VCID-cjrw-f991-e7fr |
|
| 36 |
| vulnerability |
VCID-cz8b-p2t3-ebgy |
|
| 37 |
| vulnerability |
VCID-d78u-x2t8-vkfg |
|
| 38 |
| vulnerability |
VCID-d87g-azms-gqbm |
|
| 39 |
| vulnerability |
VCID-dgm8-wwst-kbe2 |
|
| 40 |
| vulnerability |
VCID-dh5x-c794-tqbw |
|
| 41 |
| vulnerability |
VCID-du9t-tmex-akfm |
|
| 42 |
| vulnerability |
VCID-et8w-z5dr-ryaz |
|
| 43 |
| vulnerability |
VCID-f31y-6u4c-t3a9 |
|
| 44 |
| vulnerability |
VCID-f9nt-79kq-6kbf |
|
| 45 |
| vulnerability |
VCID-fn1d-vq36-mkeu |
|
| 46 |
| vulnerability |
VCID-g79j-7c7e-tqgt |
|
| 47 |
| vulnerability |
VCID-gphr-qsyj-63gz |
|
| 48 |
| vulnerability |
VCID-gtat-vu5d-7qgu |
|
| 49 |
| vulnerability |
VCID-gu45-bq8y-wude |
|
| 50 |
| vulnerability |
VCID-h4xg-mvnj-fbd6 |
|
| 51 |
| vulnerability |
VCID-h7ha-a8cy-xber |
|
| 52 |
| vulnerability |
VCID-hg2h-8qks-y3df |
|
| 53 |
| vulnerability |
VCID-hgcq-j17a-73g2 |
|
| 54 |
| vulnerability |
VCID-jf7m-tfa7-rkf1 |
|
| 55 |
| vulnerability |
VCID-k2j6-9g1f-5fh7 |
|
| 56 |
| vulnerability |
VCID-kgd7-w1fh-juaq |
|
| 57 |
| vulnerability |
VCID-mdqf-k97m-h3hx |
|
| 58 |
| vulnerability |
VCID-me5q-nc1u-nudh |
|
| 59 |
| vulnerability |
VCID-mu7w-p8w8-hbfr |
|
| 60 |
| vulnerability |
VCID-mua8-1ggh-r7dr |
|
| 61 |
| vulnerability |
VCID-n78y-94vg-6kek |
|
| 62 |
| vulnerability |
VCID-ncap-puz5-x7hj |
|
| 63 |
| vulnerability |
VCID-nm7b-hwnd-eud6 |
|
| 64 |
| vulnerability |
VCID-nmh5-vmqu-v7au |
|
| 65 |
| vulnerability |
VCID-ntuu-tveg-fbht |
|
| 66 |
| vulnerability |
VCID-nwsq-gzra-v3b4 |
|
| 67 |
| vulnerability |
VCID-pbb1-awzh-1ub2 |
|
| 68 |
| vulnerability |
VCID-ptyd-s7mf-97dt |
|
| 69 |
| vulnerability |
VCID-rasy-rzuh-bybu |
|
| 70 |
| vulnerability |
VCID-rhs1-h4t5-qfhn |
|
| 71 |
| vulnerability |
VCID-s15k-b9am-r7dv |
|
| 72 |
| vulnerability |
VCID-s1bx-3697-jqeq |
|
| 73 |
| vulnerability |
VCID-stux-gscm-skgj |
|
| 74 |
| vulnerability |
VCID-sze6-7w2j-5qgx |
|
| 75 |
| vulnerability |
VCID-t6x1-8n3e-13cp |
|
| 76 |
| vulnerability |
VCID-u2rj-qhkw-uqgf |
|
| 77 |
| vulnerability |
VCID-unnb-hcmb-tqep |
|
| 78 |
| vulnerability |
VCID-v22e-ctub-efbx |
|
| 79 |
| vulnerability |
VCID-vbwy-936q-27fd |
|
| 80 |
| vulnerability |
VCID-vgjr-7typ-j7dm |
|
| 81 |
| vulnerability |
VCID-w3cg-uv84-q3g5 |
|
| 82 |
| vulnerability |
VCID-wfu5-qgs8-13ht |
|
| 83 |
| vulnerability |
VCID-xdkv-a1r9-puc9 |
|
| 84 |
| vulnerability |
VCID-xnm6-t57z-nbde |
|
| 85 |
| vulnerability |
VCID-xv8k-7bdk-wffg |
|
| 86 |
| vulnerability |
VCID-yfmn-xrkm-dycf |
|
| 87 |
| vulnerability |
VCID-ywbj-pvzd-77f5 |
|
| 88 |
| vulnerability |
VCID-za4p-xx3x-27c4 |
|
| 89 |
| vulnerability |
VCID-zhwx-775r-t7fy |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1 |
|
|
| aliases |
CVE-2021-23961
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zuvn-gw4m-47c9 |
|