CVE-2021-23993 log

Severity Medium
Remote Yes
Type Denial of service
A security issue was found in Thunderbird before version 78.9.1. An attacker may perform a denial of service (DoS) attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail.
Group Package Affected Fixed Severity Status Ticket
AVG-1790 thunderbird 78.9.0-1 78.9.1-1 Medium Fixed