CVE-2021-38505 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Information disclosure
Description	A security issue has been found in Firefox before version 94 and Thunderbird before version 91.3. Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before version 94 and Thunderbird before version 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account. This bug only affects Firefox and Thunderbird for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2519	thunderbird	91.2.1-1	91.3.0-1	High	Not affected
AVG-2512	firefox	93.0-1	94.0-1	High	Not affected

References
https://www.mozilla.org/security/advisories/mfsa2021-48/ https://www.mozilla.org/security/advisories/mfsa2021-50/ https://bugzilla.mozilla.org/show_bug.cgi?id=1730194