Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Downloading of OpenPGP keys from WKD used incorrect padding
Vulnerability Description
When requesting an OpenPGP key from a WKD server, an incorrect padding size was used and a network observer could have learned the length of the requested email address. This vulnerability was fixed in Thunderbird 136 and Thunderbird 128.8.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Thunderbird 安全漏洞
Vulnerability Description
Mozilla Thunderbird是美国Mozilla基金会的一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Thunderbird 136之前版本和128.8之前版本存在安全漏洞,该漏洞源于从WKD服务器请求OpenPGP密钥时使用了不正确的填充大小,可能导致网络观察者获取请求的电子邮件地址长度。
CVSS Information
N/A
Vulnerability Type
N/A