Описание
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2021:1192 | 14.04.2021 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2021:1193 | 14.04.2021 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | thunderbird | Fixed | RHSA-2021:1190 | 14.04.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | thunderbird | Fixed | RHSA-2021:1201 | 14.04.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.
Thunderbird unprotects a secret OpenPGP key prior to using it for a de ...
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.
Уязвимость почтового клиента Thunderbird, связанная с ошибками при обработке криптографической подписи OpenPGP, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
EPSS
7.5 High
CVSS3