---

AVG-2712 - log back

AVG-2712 edited at 16 May 2022 19:30:15
Status	- Unknown + Not affected

AVG-2712 edited at 14 May 2022 20:43:02
Advisory qualified	- Yes + No

AVG-2712 created at 14 May 2022 20:42:56
Packages	+ thunderbird
Issues	+ CVE-2022-1097 + CVE-2022-1196 + CVE-2022-1197 + CVE-2022-24713 + CVE-2022-28281 + CVE-2022-28282 + CVE-2022-28285 + CVE-2022-28286 + CVE-2022-28289
Status	+ Unknown
Severity	+ High
Affected	+ 91.7.0-1
Fixed	+ 91.8.0-1
Ticket
Advisory qualified	+ Yes
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
Notes	+ "In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts."