VulnerableCode Package Details - pkg:alpm/archlinux/thunderbird@91.2.1-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/thunderbird@91.2.1-1

Essentials
History (8)

purl	pkg:alpm/archlinux/thunderbird@91.2.1-1

Next non-vulnerable version	91.3.0-1
Latest non-vulnerable version	91.10-1
Risk	4.5

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-b8c2-qrxm-sybt Aliases: CVE-2021-38508	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	91.3.0-1 Affected by 0 other vulnerabilities.
VCID-b911-qnc2-x3aj Aliases: CVE-2021-38509	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	91.3.0-1 Affected by 0 other vulnerabilities.
VCID-c51s-yenc-4yab Aliases: CVE-2021-38504	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	91.3.0-1 Affected by 0 other vulnerabilities.
VCID-ddem-1dt1-uff7 Aliases: CVE-2021-38503	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	91.3.0-1 Affected by 0 other vulnerabilities.
VCID-jy6e-d578-nkcg Aliases: CVE-2021-38507	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	91.3.0-1 Affected by 0 other vulnerabilities.
VCID-n4kc-y37w-qkdk Aliases: CVE-2021-38506	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	91.3.0-1 Affected by 0 other vulnerabilities.
VCID-t769-2t1u-57b6 Aliases: CVE-2021-38505	Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account.This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.	91.3.0-1 Affected by 0 other vulnerabilities.
VCID-yfmg-82tr-gfec Aliases: CVE-2021-38510	The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.	91.3.0-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:25:17.808415+00:00	Arch Linux Importer	Affected by	VCID-ddem-1dt1-uff7	https://security.archlinux.org/AVG-2518	38.0.0
2026-04-01T18:25:17.784440+00:00	Arch Linux Importer	Affected by	VCID-c51s-yenc-4yab	https://security.archlinux.org/AVG-2518	38.0.0
2026-04-01T18:25:17.761501+00:00	Arch Linux Importer	Affected by	VCID-n4kc-y37w-qkdk	https://security.archlinux.org/AVG-2518	38.0.0
2026-04-01T18:25:17.739295+00:00	Arch Linux Importer	Affected by	VCID-jy6e-d578-nkcg	https://security.archlinux.org/AVG-2518	38.0.0
2026-04-01T18:25:17.715836+00:00	Arch Linux Importer	Affected by	VCID-b8c2-qrxm-sybt	https://security.archlinux.org/AVG-2518	38.0.0
2026-04-01T18:25:17.692331+00:00	Arch Linux Importer	Affected by	VCID-b911-qnc2-x3aj	https://security.archlinux.org/AVG-2518	38.0.0
2026-04-01T18:25:17.665812+00:00	Arch Linux Importer	Affected by	VCID-t769-2t1u-57b6	https://security.archlinux.org/AVG-2519	38.0.0
2026-04-01T18:25:17.642403+00:00	Arch Linux Importer	Affected by	VCID-yfmg-82tr-gfec	https://security.archlinux.org/AVG-2519	38.0.0