CVE-2019-11745

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. Date published : 2020-01-08 https://bugzilla.mozilla.org/show_bug.cgi?id=1586176

https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf