Thunderbird

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:x86:*

part: a version: * update: *

VendorMozilla (be1b0d4e-21a7-5a25-9982-bbda6ef43ec1)
ProductThunderbird (e5553559-8c71-58cd-a1a6-c5f5cf77e32f)
Edition*
Language*
Software edition*
Target software*
Target hardwarex86
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/thunderbird purl2cpe 2026-06-01 10:17:54.078145
pkg:mozilla/comm-central purl2cpe 2026-06-01 10:17:54.078147
pkg:rpm/fedora/thunderbird purl2cpe 2026-06-01 10:17:54.078148
pkg:rpm/opensuse/mozillathunderbird purl2cpe 2026-06-01 10:17:54.078150

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-29945 vulnerable 2026-06-03 14:44:20.959551 Details available
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
Published: 2021-06-24T13:19:50.000Z
Updated: 2024-08-03T22:18:03.472Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-12393 vulnerable 2026-06-03 14:38:04.266948 Details available
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
Published: 2019-02-28T18:00:00.000Z
Updated: 2024-08-05T08:31:00.111Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.