Описание
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:78.8.1+build1-0ubuntu0.18.04.1 |
| devel | released | 1:78.7.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 1:78.7.1+build1-0ubuntu0.20.04.1 |
| groovy | released | 1:78.7.1+build1-0ubuntu0.20.10.4 |
| hirsute | released | 1:78.7.0+build2-0ubuntu1 |
| impish | released | 1:78.7.0+build2-0ubuntu1 |
| jammy | released | 1:78.7.0+build2-0ubuntu1 |
| kinetic | released | 1:78.7.0+build2-0ubuntu1 |
Показывать по
EPSS
8.8 High
CVSS3
Связанные уязвимости
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
During the plaintext phase of the STARTTLS connection setup, protocol ...
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
Уязвимость почтового клиента Thunderbird, связанная с недостаточной проверкой вводимых данных на этапе настройки соединения IMAP STARTTLS, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
EPSS
8.8 High
CVSS3