AVG-2712 - log back

AVG-2712 edited at 16 May 2022 19:30:15
Status
- Unknown
+ Not affected
AVG-2712 edited at 14 May 2022 20:43:02
Advisory qualified
- Yes
+ No
AVG-2712 created at 14 May 2022 20:42:56
Packages
+ thunderbird
Issues
+ CVE-2022-1097
+ CVE-2022-1196
+ CVE-2022-1197
+ CVE-2022-24713
+ CVE-2022-28281
+ CVE-2022-28282
+ CVE-2022-28285
+ CVE-2022-28286
+ CVE-2022-28289
Status
+ Unknown
Severity
+ High
Affected
+ 91.7.0-1
Fixed
+ 91.8.0-1
Ticket
Advisory qualified
+ Yes
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
Notes
+ "In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts."