Unrated severityNVD Advisory· Published Dec 22, 2022· Updated Apr 16, 2025
CVE-2020-15685
CVE-2020-15685
Description
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7<78.7+ 1 more
- (no CPE)range: <78.7
- (no CPE)range: unspecified
- osv-coords5 versionspkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP1pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2
< 78.7.0-lp151.2.69.1+ 4 more
- (no CPE)range: < 78.7.0-lp151.2.69.1
- (no CPE)range: < 78.7.0-lp152.2.29.1
- (no CPE)range: < 91.1.1-1.1
- (no CPE)range: < 78.7.0-3.119.1
- (no CPE)range: < 78.7.0-8.9.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.