Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/thunderbird@1:91.3.0-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:91.3.0-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (9)
Vulnerability Summary Aliases
VCID-1ryc-yvxd-93e2 Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. CVE-2021-43529
VCID-b8c2-qrxm-sybt Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. CVE-2021-38508
VCID-b911-qnc2-x3aj Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. CVE-2021-38509
VCID-c51s-yenc-4yab Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. CVE-2021-38504
VCID-ddem-1dt1-uff7 Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. CVE-2021-38503
VCID-jy6e-d578-nkcg Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. CVE-2021-38507
VCID-k4e4-363e-xyff Mozilla developers and community members Christian Holler, Valentin Gosu, and Andrew McCreight reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. CVE-2021-43534
VCID-khsw-jwtm-8faq A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. CVE-2021-43535
VCID-n4kc-y37w-qkdk Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. CVE-2021-38506

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:27:34.632639+00:00 Debian Importer Fixing VCID-k4e4-363e-xyff https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:19:49.372641+00:00 Debian Importer Fixing VCID-ddem-1dt1-uff7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:48:45.561831+00:00 Debian Importer Fixing VCID-c51s-yenc-4yab https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:45:28.379006+00:00 Debian Importer Fixing VCID-jy6e-d578-nkcg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:41:44.524415+00:00 Debian Importer Fixing VCID-n4kc-y37w-qkdk https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:22:05.874016+00:00 Debian Importer Fixing VCID-1ryc-yvxd-93e2 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:10:48.089226+00:00 Debian Importer Fixing VCID-b8c2-qrxm-sybt https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:07:57.973196+00:00 Debian Importer Fixing VCID-khsw-jwtm-8faq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:48:38.259422+00:00 Debian Importer Fixing VCID-b911-qnc2-x3aj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:17:15.337857+00:00 Debian Importer Fixing VCID-k4e4-363e-xyff https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T09:11:10.094305+00:00 Debian Importer Fixing VCID-ddem-1dt1-uff7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:47:23.934043+00:00 Debian Importer Fixing VCID-c51s-yenc-4yab https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:44:57.581492+00:00 Debian Importer Fixing VCID-jy6e-d578-nkcg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:58:10.918805+00:00 Debian Importer Fixing VCID-n4kc-y37w-qkdk https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:44:25.623210+00:00 Debian Importer Fixing VCID-1ryc-yvxd-93e2 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:08:42.427438+00:00 Debian Importer Fixing VCID-b8c2-qrxm-sybt https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:07:01.308915+00:00 Debian Importer Fixing VCID-khsw-jwtm-8faq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:55:10.627563+00:00 Debian Importer Fixing VCID-b911-qnc2-x3aj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:54:34.061566+00:00 Debian Importer Fixing VCID-khsw-jwtm-8faq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:54:34.014364+00:00 Debian Importer Fixing VCID-k4e4-363e-xyff https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:54:33.966395+00:00 Debian Importer Fixing VCID-1ryc-yvxd-93e2 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:54:33.641442+00:00 Debian Importer Fixing VCID-b911-qnc2-x3aj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:54:33.592550+00:00 Debian Importer Fixing VCID-b8c2-qrxm-sybt https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:54:33.543516+00:00 Debian Importer Fixing VCID-jy6e-d578-nkcg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:54:33.493600+00:00 Debian Importer Fixing VCID-n4kc-y37w-qkdk https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:54:33.404505+00:00 Debian Importer Fixing VCID-c51s-yenc-4yab https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:54:33.356725+00:00 Debian Importer Fixing VCID-ddem-1dt1-uff7 https://security-tracker.debian.org/tracker/data/json 38.1.0