Lucene search
Redhat.comRH:CVE-2024-1936HistoryMar 06, 2024 - 1:42 p.m.
CVE-2024-1936
2024-03-0613:42:35
redhat.com
access.redhat.com
21
mozilla
thunderbird
subject contamination
email security
encryption
flaw
confidential information
security advisory
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird’s local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments.
Related
prion
prion
Design/Logic Flaw
2024-03-04 22:15:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2024-03-05 21:23:09
nessus
nessus
Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2024-065-01)
2024-03-05 00:00:00
Fedora 38 : thunderbird (2024-325c1d1fce)
2024-03-13 00:00:00
Fedora 40 : thunderbird (2024-d8a0e599e2)
2024-04-29 00:00:00
kaspersky
kaspersky
KLA64752 OSI vulnerability in Mozilla Thunderbird
2024-03-04 00:00:00
amazon
amazon
Low: thunderbird
2024-03-13 20:26:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0054)
2024-03-12 00:00:00
Slackware: Security Advisory (SSA:2024-065-01)
2024-03-06 00:00:00
Mozilla Thunderbird Security Update (mfsa_2024-11) - Mac OS X
2024-03-11 00:00:00
cvelist
cvelist
CVE-2024-1936
2024-03-04 21:31:54
nvd
nvd
CVE-2024-1936
2024-03-04 22:15:46
mageia
mageia
Updated thunderbird packages fix security vulnerability and make improvements
2024-03-12 03:30:17
ubuntucve
ubuntucve
CVE-2024-1936
2024-03-04 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 115.8.1 — Mozilla
2024-03-04 00:00:00
cve
cve
CVE-2024-1936
2024-03-04 22:15:46
debiancve
debiancve
CVE-2024-1936
2024-03-04 22:15:46
veracode
veracode
Sensitive Information Exposure
2024-03-10 02:43:19
oraclelinux
oraclelinux
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-25 00:00:00
osv
osv
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-27 04:34:32
redhat
redhat
(RHSA-2024:1496) Moderate: thunderbird security update
2024-03-25 18:33:37
(RHSA-2024:1498) Moderate: thunderbird security update
2024-03-25 18:33:53
(RHSA-2024:1499) Moderate: thunderbird security update
2024-03-25 18:34:00
almalinux
almalinux
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
rocky
rocky
thunderbird security update
2024-03-27 04:34:32
centos
centos
thunderbird security update
2024-04-03 14:01:39
debian
debian
[SECURITY] [DSA 5644-1] thunderbird security update
2024-03-21 19:22:16
[SECURITY] [DLA 3769-1] thunderbird security update
2024-03-23 11:22:35
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-05-12 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-03-04 00:00:00