Lucene search

K
cvelistMozillaCVELIST:CVE-2021-29948
HistoryJun 24, 2021 - 1:19 p.m.

CVE-2021-29948

2021-06-2413:19:32
mozilla
www.cve.org

5.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.8%

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.

CNA Affected

[
  {
    "product": "Thunderbird",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "78.10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]