Thunderbird stored OpenPGP secret keys without master password protection - CVE-2021-29956ID: oval:org.secpod.oval:def:72061 | Date: (C)2021-05-21 (M)2023-11-19 |
Class: VULNERABILITY | Family: macos |
Mozilla Thunderbird greater than or equal to 78.8.1 and before 78.10.2: OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.15 |
Apple Mac OS 11 |
Product: |
Mozilla Thunderbird |