3 matches found
CVE-2025-3877
Rejected reason: This CVE was marked as fixed, but due to other code landing - was not actually fixed. It was subsequently fixed in CVE-2025-5986...
CVE-2025-26695
When requesting an OpenPGP key from a WKD server, an incorrect padding size was used and a network observer could have learned the length of the requested email address. This vulnerability affects Thunderbird 136 and Thunderbird 128.8...
CVE-2025-26695
CVE-2025-26695 is a Thunderbird vulnerability where an incorrect padding size is used when requesting an OpenPGP key from a WKD server, enabling a network observer to learn the length of the requested email address. Affected: Thunderbird versions prior to 136 and prior to 128.8. Remediation: upgr...