9 matches found
Astra Linux – Vulnerability in Thunderbird
The encrypted subject of an email message may be incorrectly and permanently assigned to another arbitrary email message in Thunderbird’s local cache. As a result, when replying to the contaminated email message, the user may accidentally expose the confidential subject to a third party. While th...
Oracle Linux 9 : thunderbird (ELSA-2024-1493)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1493 advisory. 115.9.0-1.0.1 - Add Oracle prefs 115.9.0-1 - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 Tenable has extracted the preceding description block...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
Moderate: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2024:0893-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0893-1 advisory. Security Vulnerabilities fixed in Thunderbird 115.8.1 bsc1221054: - CVE-2024-1936: Fixed leaking of...
Mozilla Thunderbird < 115.8.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 115.8.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-11 advisory. - The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other...
CVE-2024-1936
The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. Whil...