---

AVG-1601 - log back

AVG-1601 edited at 13 Mar 2021 21:12:21
Advisory qualified	- Yes + No

AVG-1601 edited at 26 Feb 2021 13:38:23
Status	- Vulnerable + Fixed
Fixed	+ 78.8.0-1

AVG-1601 created at 23 Feb 2021 19:02:02
Packages	+ thunderbird
Issues	+ CVE-2021-23968 + CVE-2021-23969 + CVE-2021-23973 + CVE-2021-23978
Status	+ Vulnerable
Severity	+ High
Affected	+ 78.7.1-1
Fixed
Ticket
Advisory qualified	+ Yes
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/
Notes	+ In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts.