| CVE-2021-38502 |
High |
Yes |
Man-in-the-middle |
Thunderbird before version 91.2 ignored the configuration to require STARTTLS security for an SMTP connection. A man-in-the-middle (MITM) could perform a... |
| CVE-2021-38501 |
High |
Yes |
Arbitrary code execution |
Mozilla developers and community members reported memory safety bugs present in Firefox 92 and Thunderbird 91.1. Some of these bugs showed evidence of... |
| CVE-2021-38500 |
High |
Yes |
Arbitrary code execution |
Mozilla developers and community members reported memory safety bugs present in Firefox 92 and Thunderbird 91.1. Some of these bugs showed evidence of... |
| CVE-2021-38498 |
Medium |
Yes |
Arbitrary code execution |
During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially... |
| CVE-2021-38497 |
Medium |
Yes |
Content spoofing |
Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user... |
| CVE-2021-38496 |
High |
Yes |
Arbitrary code execution |
During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. |
| CVE-2021-32810 |
Medium |
Yes |
Information disclosure |
In the crossbeam crate, one or more tasks in the worker queue could have been be popped twice instead of other tasks that are forgotten and never popped. If... |