CVE-2022-39249

Public on 2022-09-28
Modified on 2022-11-29
Description
A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could fake encrypted messages to look as if they were sent from another user on that server.
Severity
Important severity
Important
CVSS v3 Base Score
7.5
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Core thunderbird 2022-12-01 ALAS2-2022-1900 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
NVD CVSSv3 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N