firefox/thunderbird is vulnerable to denial of service. A remote attacker is able to crash the application through memory corruption, or potentially execute arbitrary code on the host.
access.redhat.com/errata/RHSA-2019:1267
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/buglist.cgi?bug_id=1540166%2C1534593%2C1546327%2C1540136%2C1538736%2C1538042%2C1535612%2C1499719%2C1499108%2C1538619%2C1535194%2C1516325%2C1542324%2C1542097%2C1532465%2C1533554%2C1541580
www.mozilla.org/en-US/security/advisories/mfsa2019-14/
www.mozilla.org/security/advisories/mfsa2019-13/
www.mozilla.org/security/advisories/mfsa2019-14/
www.mozilla.org/security/advisories/mfsa2019-15/