Red Hat Security Advisory: thunderbird security update
🔗 CVE IDs covered (11)
📋 Description
CVE-2021-4129 — Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 CVE-2021-43528 — Mozilla: JavaScript unexpectedly enabled for the composition area CVE-2021-43536 — Mozilla: URL leakage when navigating while executing asynchronous function CVE-2021-43537 — Mozilla: Heap buffer overflow when using structured clone CVE-2021-43538 — Mozilla: Missing fullscreen and pointer lock notification when requesting both CVE-2021-43539 — Mozilla: GC rooting failure when calling wasm instance methods CVE-2021-43541 — Mozilla: External protocol handler parameters were unescaped CVE-2021-43542 — Mozilla: XMLHttpRequest error codes could have leaked the existence of an external protocol handler CVE-2021-43543 — Mozilla: Bypass of CSP sandbox directive when embedding CVE-2021-43545 — Mozilla: Denial of Service when using the Location API in a loop CVE-2021-43546 — Mozilla: Cursor spoofing could overlay user interface when native cursor is zoomed
🔗 References (14)
- selfhttps://access.redhat.com/errata/RHSA-2021:5046
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030105
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030106
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030109
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030110
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030111
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030112
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030113
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030114
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030115
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030116
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030137
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5046.json