0.0004 Low
EPSS
Percentile
12.8%
thunderbird is vulnerable to arbitrary file write. Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file.
bugzilla.mozilla.org/show_bug.cgi?id=1692899
security-tracker.debian.org/tracker/CVE-2021-29948
www.mozilla.org/en-US/security/advisories/mfsa2021-14/#CVE-2021-29948
www.mozilla.org/security/advisories/mfsa2021-14/