CVE-2019-17005
The plain text serializer used a fixed-size array for the number of
- elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
Date published : 2020-01-08
https://www.mozilla.org/security/advisories/mfsa2019-36/