Lucene search
MozillaCVELIST:CVE-2024-1936HistoryMar 04, 2024 - 9:31 p.m.
CVE-2024-1936
2024-03-0421:31:54
mozilla
www.cve.org
1
security vulnerability
thunderbird
email
subject
update
confidential
leakage
encryption
fix
contamination
repair
folder
context menu
version 115.8.1
The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird’s local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments. This vulnerability affects Thunderbird < 115.8.1.
CNA Affected
[
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.8.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2024-03-04 22:15:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2024-03-05 21:23:09
nessus
nessus
Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2024-065-01)
2024-03-05 00:00:00
Fedora 38 : thunderbird (2024-325c1d1fce)
2024-03-13 00:00:00
Fedora 40 : thunderbird (2024-d8a0e599e2)
2024-04-29 00:00:00
kaspersky
kaspersky
KLA64752 OSI vulnerability in Mozilla Thunderbird
2024-03-04 00:00:00
amazon
amazon
Low: thunderbird
2024-03-13 20:26:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0054)
2024-03-12 00:00:00
Slackware: Security Advisory (SSA:2024-065-01)
2024-03-06 00:00:00
Mozilla Thunderbird Security Update (mfsa_2024-11) - Mac OS X
2024-03-11 00:00:00
redhatcve
redhatcve
CVE-2024-1936
2024-03-06 13:42:35
nvd
nvd
CVE-2024-1936
2024-03-04 22:15:46
mageia
mageia
Updated thunderbird packages fix security vulnerability and make improvements
2024-03-12 03:30:17
ubuntucve
ubuntucve
CVE-2024-1936
2024-03-04 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 115.8.1 — Mozilla
2024-03-04 00:00:00
cve
cve
CVE-2024-1936
2024-03-04 22:15:46
debiancve
debiancve
CVE-2024-1936
2024-03-04 22:15:46
veracode
veracode
Sensitive Information Exposure
2024-03-10 02:43:19
redhat
redhat
(RHSA-2024:1499) Moderate: thunderbird security update
2024-03-25 18:34:00
(RHSA-2024:1500) Moderate: thunderbird security update
2024-03-25 18:46:38
(RHSA-2024:1492) Moderate: thunderbird security update
2024-03-25 18:33:00
oraclelinux
oraclelinux
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-25 00:00:00
almalinux
almalinux
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
osv
osv
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-27 04:34:32
rocky
rocky
thunderbird security update
2024-03-27 04:34:32
centos
centos
thunderbird security update
2024-04-03 14:01:39
debian
debian
[SECURITY] [DLA 3769-1] thunderbird security update
2024-03-23 11:22:35
[SECURITY] [DSA 5644-1] thunderbird security update
2024-03-21 19:22:16
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-05-12 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-03-04 00:00:00