Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:mozilla/Thunderbird@60.7.0
purl pkg:mozilla/Thunderbird@60.7.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-2z7p-2uj3-2qfb If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.* CVE-2019-9815

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:17:20.304837+00:00 Mozilla Importer Fixing VCID-2z7p-2uj3-2qfb https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-15.yml 38.0.0