Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2022-26387 - log back

CVE-2022-26387 edited at 14 May 2022 20:58:03

Severity

-	Unknown
+	High

Description

+	When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed.

References

+	https://bugzilla.mozilla.org/show_bug.cgi?id=1752979

Notes

CVE-2022-26387 created at 14 May 2022 20:52:47