Количество 9
Количество 9
CVE-2021-23993
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1.
CVE-2021-23993
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1.
CVE-2021-23993
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1.
CVE-2021-23993
An attacker may perform a DoS attack to prevent a user from sending en ...
GHSA-3pj2-rvj5-6646
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1.
BDU:2021-02076
Уязвимость почтового клиента Thunderbird, связанная с недостаточной проверкой импортированных ключей OpenPGP, позволяющая нарушителю отправлять произвольные зашифрованные сообщения
ELSA-2021-1193
ELSA-2021-1193: thunderbird security update (MODERATE)
ELSA-2021-1192
ELSA-2021-1192: thunderbird security update (MODERATE)
openSUSE-SU-2021:0580-1
Security update for MozillaThunderbird
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-23993 An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1. | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-23993 An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1. | CVSS3: 6.5 | 0% Низкий | почти 5 лет назад |
 | CVE-2021-23993 An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1. | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-23993 An attacker may perform a DoS attack to prevent a user from sending en ... | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| GHSA-3pj2-rvj5-6646 An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1. | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
 | BDU:2021-02076 Уязвимость почтового клиента Thunderbird, связанная с недостаточной проверкой импортированных ключей OpenPGP, позволяющая нарушителю отправлять произвольные зашифрованные сообщения | CVSS3: 5.4 | 0% Низкий | около 5 лет назад |
| ELSA-2021-1193 ELSA-2021-1193: thunderbird security update (MODERATE) | почти 5 лет назад | ||
| ELSA-2021-1192 ELSA-2021-1192: thunderbird security update (MODERATE) | почти 5 лет назад | ||
 | openSUSE-SU-2021:0580-1 Security update for MozillaThunderbird | почти 5 лет назад |
Уязвимостей на страницу