Unrated severityNVD Advisory· Published Jun 24, 2021· Updated Aug 3, 2024
CVE-2021-29950
CVE-2021-29950
Description
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5<78.8.1+ 1 more
- (no CPE)range: <78.8.1
- (no CPE)range: unspecified
- osv-coords3 versionspkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3
< 78.10.2-8.27.1+ 2 more
- (no CPE)range: < 78.10.2-8.27.1
- (no CPE)range: < 78.10.2-8.27.1
- (no CPE)range: < 78.10.2-8.27.1
Patches
Vulnerability mechanics
References
2- bugzilla.mozilla.org/show_bug.cgimitrex_refsource_MISC
- www.mozilla.org/security/advisories/mfsa2021-17/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.