VulnerableCode Package Details - pkg:alpm/archlinux/thunderbird@68.8.1-1

Search for packages

Package details: pkg:alpm/archlinux/thunderbird@68.8.1-1

Essentials
History (20)

purl	pkg:alpm/archlinux/thunderbird@68.8.1-1

Next non-vulnerable version	68.9.0-1
Latest non-vulnerable version	91.10-1
Risk	4.2

Vulnerabilities affecting this package (5)

Vulnerability	Summary	Fixed by
VCID-2b52-b4dy-aaae Aliases: CVE-2020-12410	Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.	68.9.0-1 Affected by 0 other vulnerabilities.
VCID-3ewf-dckr-aaam Aliases: CVE-2020-12399	NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.	68.9.0-1 Affected by 0 other vulnerabilities.
VCID-dtgr-6wma-aaae Aliases: CVE-2020-12405	When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.	68.9.0-1 Affected by 0 other vulnerabilities.
VCID-mfz6-t932-aaap Aliases: CVE-2020-12398	If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird < 68.9.0.	68.9.0-1 Affected by 0 other vulnerabilities.
VCID-re8g-wf24-aaar Aliases: CVE-2020-12406	Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.	68.9.0-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:45:50.479748+00:00	Arch Linux Importer	Affected by	VCID-mfz6-t932-aaap	https://security.archlinux.org/AVG-1179	36.0.0
2025-03-28T07:45:50.459396+00:00	Arch Linux Importer	Affected by	VCID-3ewf-dckr-aaam	https://security.archlinux.org/AVG-1179	36.0.0
2025-03-28T07:45:50.438993+00:00	Arch Linux Importer	Affected by	VCID-dtgr-6wma-aaae	https://security.archlinux.org/AVG-1179	36.0.0
2025-03-28T07:45:50.418341+00:00	Arch Linux Importer	Affected by	VCID-re8g-wf24-aaar	https://security.archlinux.org/AVG-1179	36.0.0
2025-03-28T07:45:50.397746+00:00	Arch Linux Importer	Affected by	VCID-2b52-b4dy-aaae	https://security.archlinux.org/AVG-1179	36.0.0
2024-09-18T02:00:52.745553+00:00	Arch Linux Importer	Affected by	VCID-mfz6-t932-aaap	https://security.archlinux.org/AVG-1179	34.0.1
2024-09-18T02:00:52.713314+00:00	Arch Linux Importer	Affected by	VCID-3ewf-dckr-aaam	https://security.archlinux.org/AVG-1179	34.0.1
2024-09-18T02:00:52.688091+00:00	Arch Linux Importer	Affected by	VCID-dtgr-6wma-aaae	https://security.archlinux.org/AVG-1179	34.0.1
2024-09-18T02:00:52.662167+00:00	Arch Linux Importer	Affected by	VCID-re8g-wf24-aaar	https://security.archlinux.org/AVG-1179	34.0.1
2024-09-18T02:00:52.637006+00:00	Arch Linux Importer	Affected by	VCID-2b52-b4dy-aaae	https://security.archlinux.org/AVG-1179	34.0.1
2024-01-09T19:34:39.964324+00:00	Arch Linux Importer	Affected by	VCID-mfz6-t932-aaap	https://security.archlinux.org/AVG-1179	34.0.0rc2
2024-01-09T19:34:39.942212+00:00	Arch Linux Importer	Affected by	VCID-3ewf-dckr-aaam	https://security.archlinux.org/AVG-1179	34.0.0rc2
2024-01-09T19:34:39.920343+00:00	Arch Linux Importer	Affected by	VCID-dtgr-6wma-aaae	https://security.archlinux.org/AVG-1179	34.0.0rc2
2024-01-09T19:34:39.898359+00:00	Arch Linux Importer	Affected by	VCID-re8g-wf24-aaar	https://security.archlinux.org/AVG-1179	34.0.0rc2
2024-01-09T19:34:39.876922+00:00	Arch Linux Importer	Affected by	VCID-2b52-b4dy-aaae	https://security.archlinux.org/AVG-1179	34.0.0rc2
2024-01-03T22:27:10.027993+00:00	Arch Linux Importer	Affected by	VCID-mfz6-t932-aaap	https://security.archlinux.org/AVG-1179	34.0.0rc1
2024-01-03T22:27:10.001773+00:00	Arch Linux Importer	Affected by	VCID-3ewf-dckr-aaam	https://security.archlinux.org/AVG-1179	34.0.0rc1
2024-01-03T22:27:09.970748+00:00	Arch Linux Importer	Affected by	VCID-dtgr-6wma-aaae	https://security.archlinux.org/AVG-1179	34.0.0rc1
2024-01-03T22:27:09.949325+00:00	Arch Linux Importer	Affected by	VCID-re8g-wf24-aaar	https://security.archlinux.org/AVG-1179	34.0.0rc1
2024-01-03T22:27:09.927752+00:00	Arch Linux Importer	Affected by	VCID-2b52-b4dy-aaae	https://security.archlinux.org/AVG-1179	34.0.0rc1