Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-0995
CVE-2021-0995:
NixOS vulnerability analysis and mitigation
Overview
CVE-2021-0995 was disclosed in December 2021 as part of the Android Security Bulletin. The vulnerability affected Mozilla Thunderbird email client, specifically version 78.9.0 and earlier versions (Red Hat Advisory).
Technical details
The vulnerability was part of a security update for Mozilla Thunderbird that addressed multiple security issues. The update included fixes for texture upload into an unbound backing buffer that resulted in an out-of-bound read (CVE-2021-23981) and other memory safety bugs (Red Hat Advisory).
Impact
The vulnerability affected Red Hat Enterprise Linux 8.1 Extended Update Support systems, including versions for x86_64 and Power LE architectures, as well as Update Services for SAP Solutions (Red Hat Advisory).
Mitigation and workarounds
The vulnerability was addressed through an update to Thunderbird version 78.9.0. Users were advised to update their systems and restart all running instances of Thunderbird for the update to take effect (Red Hat Advisory).
Additional resources
Source: This report was generated using AI
Related NixOS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management