Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Thunderbird 信息泄露漏洞
Vulnerability Description
Mozilla Thunderbird是美国Mozilla基金会的一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Thunderbird 91.0 到 91.9.1 版本存在信息泄露漏洞,该漏洞源于处理大量允许权限条目时出现错误。远程攻击者利用该漏洞可访问潜在的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A