CVE-2021-38505 log

Severity High
Remote Yes
Type Information disclosure
A security issue has been found in Firefox before version 94 and Thunderbird before version 91.3. Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before version 94 and Thunderbird before version 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account.

This bug only affects Firefox and Thunderbird for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.
Group Package Affected Fixed Severity Status Ticket
AVG-2519 thunderbird 91.2.1-1 91.3.0-1 High Not affected
AVG-2512 firefox 93.0-1 94.0-1 High Not affected