1. Home
  2. Vulnerabilities
  3. CVE-2021-29948

CVE-2021-29948

CVSS v3.1 2.5 (Low)
25% Progress
CVSS v2.0 1.9 (Low)
19% Progress
EPSS 0.04 % (14th)
0.04% Progress
Affected Products 1
Advisories 15
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.

Weaknesses
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE Status
PUBLISHED
CNA
Mozilla Corporation
Published Date
2021-06-24 14:15:09
(3 years ago)
Updated Date
2021-06-30 18:28:55
(3 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Thunderbird prior 78.10 version cpe:2.3:a:mozilla:thunderbird < 78.10