During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2022-12-22T00:00:00
Updated: 2024-08-04T13:22:30.812Z
Reserved: 2020-07-10T00:00:00
Link: CVE-2020-15685
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-22T20:15:11.467
Modified: 2023-01-04T14:14:21.697
Link: CVE-2020-15685
Redhat