CVE-2021-29950

Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.
References
Configurations

Configuration 1

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Information

Published : 2021-06-24 02:15

Updated : 2021-06-25 08:12


NVD link : CVE-2021-29950

Mitre link : CVE-2021-29950

Products Affected
No products.
CWE
CWE-312

Cleartext Storage of Sensitive Information