16 matches found
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2022:0058-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Ubuntu 21.10 : Thunderbird vulnerabilities (USN-5246-1)
The remote Ubuntu 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5246-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...
openSUSE 15 Security Update : MozillaThunderbird (openSUSE-SU-2022:0058-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0058-1 advisory. - When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer...
SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2022:0058-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0058-1 advisory. - Mozilla Thunderbird 91.4.1 - CVE-2021-4126: OpenPGP signature status doesn't consider additional message...
SUSE-SU-2022:0058-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 91.4.1 - CVE-2021-4126: OpenPGP signature status doesn't consider additional message content. bsc1194215 - CVE-2021-44538: Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow...
Debian: Security Advisory (DLA-2874-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package thunderbird version 91.4.1-alt1
91.4.1-alt1 built Dec. 27, 2021 Andrey Cherepanov in task 292439 Dec. 21, 2021 Andrey Cherepanov - New version. - Security fixes: + CVE-2021-4126 OpenPGP signature status doesn't consider additional message content + CVE-2021-44538 Matrix chat library libolm bundled with Thunderbird vulnerable to...
Updated thunderbird packages fix security vulnerability
OpenPGP signature status doesn't consider additional message content. CVE-2021-4126 Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow. CVE-2021-44538...
Mozilla Thunderbird < 91.4.1
The version of Thunderbird installed on the remote Windows host is prior to 91.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-55 advisory. - Thunderbird users who use the Matrix chat protocol were vulnerable to a buffer overflow in libolm, that an attack...
Mozilla Thunderbird < 91.4.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-55 advisory. - Thunderbird users who use the Matrix chat protocol were vulnerable to a buffer overflow in libolm, that...
MGASA-2021-0571 Updated olm packages fix security vulnerability
Updated olm packages fix security vulnerability: The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of t...
Updated olm packages fix security vulnerability
Updated olm packages fix security vulnerability: The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of t...
CVE-2021-44538
creationtimestamp| type| source ---|---|--- 2021-12-14 16:12:55+00:00| seen| https://t.me/cibsecurity/33921...
CVE-2021-44538
CVE-2021-44538: The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object state is partially controllable by the remote party; crafted messages can manipulate the receiver’s session so that, for some buffer sizes, a buffer overflow ...
CVE-2021-44538
The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...
CVE-2022-44538
CVE-2022-44538 is rejected/not used per the Initial Description; it does not represent an active vulnerability entry.