Unrated severityNVD Advisory· Published Dec 22, 2022· Updated Apr 16, 2025
CVE-2022-1520
CVE-2022-1520
Description
When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10< 91.9+ 1 more
- (no CPE)range: < 91.9
- (no CPE)range: unspecified
- osv-coords8 versionspkg:rpm/almalinux/thunderbirdpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
< 91.9.0-3.el8_5.alma+ 7 more
- (no CPE)range: < 91.9.0-3.el8_5.alma
- (no CPE)range: < 91.9.0-150200.8.68.2
- (no CPE)range: < 91.9.0-150200.8.68.2
- (no CPE)range: < 91.9.0-1.1
- (no CPE)range: < 91.9.0-150200.8.68.2
- (no CPE)range: < 91.9.0-150200.8.68.2
- (no CPE)range: < 91.9.0-150200.8.68.2
- (no CPE)range: < 91.9.0-150200.8.68.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.