{"id":"DEBIAN-CVE-2021-43545","details":"Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.","modified":"2026-04-28T20:23:04.806644Z","published":"2021-12-08T22:15:10.050Z","upstream":["CVE-2021-43545"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2021-43545"}],"affected":[{"package":{"name":"firefox-esr","ecosystem":"Debian:11","purl":"pkg:deb/debian/firefox-esr?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"91.4.1esr-1~deb11u1"}]}],"versions":["78.12.0esr-1","78.13.0esr-1","78.13.0esr-1~deb10u1","78.13.0esr-1~deb11u1","78.13.0esr-1~deb9u1","78.14.0esr-1","78.14.0esr-1~deb10u1","78.14.0esr-1~deb11u1","78.14.0esr-1~deb9u1","78.15.0esr-1~deb10u1","78.15.0esr-1~deb11u1","78.15.0esr-1~deb9u1","91.0.1esr-1","91.0esr-1","91.1.0esr-1","91.2.0esr-1","91.3.0esr-1","91.3.0esr-2","91.4.0esr-1","91.4.1esr-1~deb9u1"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-43545.json"}},{"package":{"name":"firefox-esr","ecosystem":"Debian:12","purl":"pkg:deb/debian/firefox-esr?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"91.4.0esr-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-43545.json"}},{"package":{"name":"firefox-esr","ecosystem":"Debian:13","purl":"pkg:deb/debian/firefox-esr?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"91.4.0esr-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-43545.json"}},{"package":{"name":"firefox-esr","ecosystem":"Debian:14","purl":"pkg:deb/debian/firefox-esr?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"91.4.0esr-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-43545.json"}},{"package":{"name":"thunderbird","ecosystem":"Debian:11","purl":"pkg:deb/debian/thunderbird?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:91.4.1-1~deb11u1"}]}],"versions":["1:78.12.0-1","1:78.13.0-1","1:78.13.0-1~deb10u1","1:78.13.0-1~deb11u1","1:78.13.0-1~deb9u1","1:78.14.0-1","1:78.14.0-1~deb10u1","1:78.14.0-1~deb11u1","1:78.14.0-1~deb9u1","1:84.0~b3-1","1:85.0~b3-1","1:86.0~b3-1","1:88.0~b2-1","1:89.0~b2-1","1:90.0~b2-1","1:91.0-1","1:91.0.2-1","1:91.0~b1-1","1:91.0~b3-1","1:91.0~b5-1","1:91.1.0-1","1:91.1.1-1","1:91.2.0-1","1:91.2.1-1","1:91.3.0-1","1:91.3.2-1","1:91.4.0-1","1:91.4.1-1~deb10u1","1:91.4.1-1~deb9u1"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-43545.json"}},{"package":{"name":"thunderbird","ecosystem":"Debian:12","purl":"pkg:deb/debian/thunderbird?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:91.4.0-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-43545.json"}},{"package":{"name":"thunderbird","ecosystem":"Debian:13","purl":"pkg:deb/debian/thunderbird?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:91.4.0-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-43545.json"}},{"package":{"name":"thunderbird","ecosystem":"Debian:14","purl":"pkg:deb/debian/thunderbird?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:91.4.0-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-43545.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}