Количество 10
Количество 10
CVE-2021-23992
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1.
CVE-2021-23992
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1.
CVE-2021-23992
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1.
CVE-2021-23992
Thunderbird did not check if the user ID associated with an OpenPGP ke ...
GHSA-x89c-f42w-ch2g
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1.
BDU:2021-02196
Уязвимость почтового клиента Thunderbird, связанная c некорректной проверкой криптографической подписи OpenPGP, позволяющая нарушителю получить доступ к защищаемой информации
ELSA-2021-1193
ELSA-2021-1193: thunderbird security update (MODERATE)
ELSA-2021-1192
ELSA-2021-1192: thunderbird security update (MODERATE)
SUSE-SU-2021:1167-1
Security update for MozillaThunderbird
openSUSE-SU-2021:0580-1
Security update for MozillaThunderbird
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-23992 Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-23992 Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1. | CVSS3: 4.3 | 0% Низкий | почти 5 лет назад |
 | CVE-2021-23992 Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-23992 Thunderbird did not check if the user ID associated with an OpenPGP ke ... | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| GHSA-x89c-f42w-ch2g Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1. | 0% Низкий | больше 3 лет назад | |
 | BDU:2021-02196 Уязвимость почтового клиента Thunderbird, связанная c некорректной проверкой криптографической подписи OpenPGP, позволяющая нарушителю получить доступ к защищаемой информации | CVSS3: 5.4 | 0% Низкий | почти 5 лет назад |
| ELSA-2021-1193 ELSA-2021-1193: thunderbird security update (MODERATE) | почти 5 лет назад | ||
| ELSA-2021-1192 ELSA-2021-1192: thunderbird security update (MODERATE) | почти 5 лет назад | ||
 | SUSE-SU-2021:1167-1 Security update for MozillaThunderbird | почти 5 лет назад | ||
| openSUSE-SU-2021:0580-1 Security update for MozillaThunderbird | почти 5 лет назад |
Уязвимостей на страницу