Mozilla Thunderbird is vulnerable to bound check bypass. It does not properly perform bounds checking when Spectre mitigations are disabled.
access.redhat.com/errata/RHSA-2019:0680
access.redhat.com/errata/RHSA-2019:0966
access.redhat.com/errata/RHSA-2019:1144
access.redhat.com/security/updates/classification/#important
bugzilla.mozilla.org/show_bug.cgi?id=1528829
www.mozilla.org/en-US/security/advisories/mfsa2019-11/
www.mozilla.org/en-US/security/advisories/mfsa2019-12/
www.mozilla.org/security/advisories/mfsa2019-07/
www.mozilla.org/security/advisories/mfsa2019-08/
www.mozilla.org/security/advisories/mfsa2019-11/