---

CVE-2021-29950 - log back

CVE-2021-29950 edited at 21 Apr 2021 09:05:23

Description

- A security issue was found in Thunderbird before version 78.9.1. Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. + A security issue was found in Thunderbird before version 78.8.1. Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state.

CVE-2021-29950 edited at 21 Apr 2021 08:58:47
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Private key recovery
Description	+ A security issue was found in Thunderbird before version 78.9.1. Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2021-17/#CVE-2021-29950 + https://bugzilla.mozilla.org/show_bug.cgi?id=1673239

CVE-2021-29950 created at 21 Apr 2021 08:57:45
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes