Unrated severityNVD Advisory· Published Jun 2, 2023· Updated Jan 10, 2025
CVE-2023-0547
CVE-2023-0547
Description
OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird < 102.10.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7<102.10+ 1 more
- (no CPE)range: <102.10
- (no CPE)range: unspecified
- osv-coords5 versionspkg:rpm/almalinux/thunderbirdpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
< 102.10.0-2.el8_7.alma+ 4 more
- (no CPE)range: < 102.10.0-2.el8_7.alma
- (no CPE)range: < 102.10.1-150200.8.113.2
- (no CPE)range: < 102.10.0-1.1
- (no CPE)range: < 102.10.1-150200.8.113.2
- (no CPE)range: < 102.10.1-150200.8.113.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.