Mozilla Thunderbird is vulnerable to type confusion due to wrong type inferencing for constructors entered through on-stack replacement with IonMonkey.
access.redhat.com/errata/RHSA-2019:0680
access.redhat.com/errata/RHSA-2019:0966
access.redhat.com/errata/RHSA-2019:1144
access.redhat.com/security/updates/classification/#important
bugzilla.mozilla.org/show_bug.cgi?id=1530958
www.mozilla.org/en-US/security/advisories/mfsa2019-11/
www.mozilla.org/en-US/security/advisories/mfsa2019-12/
www.mozilla.org/security/advisories/mfsa2019-07/
www.mozilla.org/security/advisories/mfsa2019-08/
www.mozilla.org/security/advisories/mfsa2019-11/