AVG-2270 log

Package thunderbird
Status Fixed
Severity High
Type arbitrary code execution
Affected 78.12.0-1
Fixed 78.13.0-1
Current 128.4.4-1 [extra-testing]
128.4.3-1 [extra]
Ticket None
Created Tue Aug 10 15:33:20 2021
Issue Severity Remote Type Description
CVE-2021-29989 High Yes Arbitrary code execution
Mozilla developers reported memory safety bugs present in Firefox 90 and Thunderbird 78.12. Some of these bugs showed evidence of memory corruption and...
CVE-2021-29988 High Yes Arbitrary code execution
Firefox before version 91 and Thunderbird before version 78.13 incorrectly treated an inline list-item element as a block element, resulting in an out of...
CVE-2021-29986 High Yes Arbitrary code execution
A security issue has been found in Firefox before version 91 and Thunderbird before version 78.13. A suspected race condition when calling getaddrinfo() led...
CVE-2021-29985 Medium Yes Arbitrary code execution
A security issue has been found in Firefox before version 91 and Thunderbird before version 78.13. A use-after-free vulnerability in media channels could...
CVE-2021-29984 High Yes Arbitrary code execution
A security issue has been found in Firefox before version 91 and Thunderbird before version 78.13. Instruction reordering resulted in a sequence of...
CVE-2021-29980 High Yes Arbitrary code execution
A security issue has been found in Firefox before version 91 and Thunderbird before version 78.13. Uninitialized memory in a canvas object could have caused...
Notes
In general, these flaws cannot be exploited through email because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts.