Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:45812
HistoryMar 10, 2024 - 2:43 a.m.

Sensitive Information Exposure

2024-03-1002:43:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
thunderbird
sensitive information exposure
email confidentiality

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.2

Confidence

High

EPSS

0

Percentile

15.5%

JSON

Thunderbird is vulnerable to Sensitive Information Exposure. The vulnerability is due to the encrypted subject of an email message being incorrectly and permanently assigned to an arbitrary other email message in Thunderbird’s local cache. This could lead to the accidental leakage of confidential subject information to a third party when replying to the contaminated email message. While the update fixes the bug and prevents future message contamination, existing contaminations are not automatically repaired. Users are advised to use the repair folder functionality available from the context menu of email folders, which will erase incorrect subject assignments.

Related

ubuntucve 1
nessus 28
mozilla 1
debiancve 1
cve 1
vulnrichment 1
slackware 1
prion 1
amazon 1
redhatcve 1
kaspersky 1
openvas 8
osv 7
nvd 1
cvelist 1
mageia 1
oraclelinux 3
redhat 9
rocky 1
centos 1
almalinux 2
debian 2
gentoo 1
ubuntu 1
ubuntucve
ubuntucve
CVE-2024-1936
2024-03-04 00:00:00
nessus
nessus
Mozilla Thunderbird < 115.8.1
2024-03-05 00:00:00
Fedora 39 : thunderbird (2024-3699706b25)
2024-03-08 00:00:00
Mozilla Thunderbird < 115.8.1
2024-03-05 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 115.8.1 — Mozilla
2024-03-04 00:00:00
debiancve
debiancve
CVE-2024-1936
2024-03-04 22:15:46
cve
cve
CVE-2024-1936
2024-03-04 22:15:46
vulnrichment
vulnrichment
CVE-2024-1936
2024-03-04 21:31:54
slackware
slackware
[slackware-security] mozilla-thunderbird
2024-03-05 21:23:09
prion
prion
Design/Logic Flaw
2024-03-04 22:15:00
amazon
amazon
Low: thunderbird
2024-03-13 20:26:00
redhatcve
redhatcve
CVE-2024-1936
2024-03-06 13:42:35
kaspersky
kaspersky
KLA64752 OSI vulnerability in Mozilla Thunderbird
2024-03-04 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0054)
2024-03-12 00:00:00
Mozilla Thunderbird Security Update (mfsa_2024-11) - Windows
2024-03-11 00:00:00
Mozilla Thunderbird Security Update (mfsa_2024-11) - Mac OS X
2024-03-11 00:00:00
osv
osv
MozillaThunderbird-115.8.1-1.1 on GA media
2024-06-15 00:00:00
Moderate: thunderbird security update
2024-03-27 04:34:32
Moderate: thunderbird security update
2024-03-25 00:00:00
nvd
nvd
CVE-2024-1936
2024-03-04 22:15:46
cvelist
cvelist
CVE-2024-1936
2024-03-04 21:31:54
mageia
mageia
Updated thunderbird packages fix security vulnerability and make improvements
2024-03-12 03:30:17
oraclelinux
oraclelinux
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-25 00:00:00
thunderbird security update
2024-03-26 00:00:00
redhat
redhat
(RHSA-2024:1499) Moderate: thunderbird security update
2024-03-25 18:34:00
(RHSA-2024:1500) Moderate: thunderbird security update
2024-03-25 18:46:38
(RHSA-2024:1497) Moderate: thunderbird security update
2024-03-25 18:33:45
rocky
rocky
thunderbird security update
2024-03-27 04:34:32
centos
centos
thunderbird security update
2024-04-03 14:01:39
almalinux
almalinux
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
debian
debian
[SECURITY] [DSA 5644-1] thunderbird security update
2024-03-21 19:22:16
[SECURITY] [DLA 3769-1] thunderbird security update
2024-03-23 11:22:35
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-05-12 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-03-04 00:00:00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.2

Confidence

High

EPSS

0

Percentile

15.5%

JSON
Related for VERACODE:45812
ubuntucve1nessus28mozilla1debiancve1cve1vulnrichment1slackware1prion1amazon1redhatcve1kaspersky1openvas8osv7nvd1cvelist1mageia1oraclelinux3redhat9rocky1centos1almalinux2debian2gentoo1ubuntu1