CVE-2018-12383 - log back

CVE-2018-12383 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Information disclosure
Description
+ A security issue has been found in Thunderbird versions prior to 60.2.1. If a user saved passwords before the move to a new password format and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12383
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1475775
Notes