DEBIAN-CVE-2023-0616

DEBIAN-CVE-2023-0616 PUBLISHED CVSS 6.5 MEDIUM

If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. This vulnerability affects Thunderbird < 102.8.

Risk Scores

CVSS 3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	thunderbird	0, 0, 0
Debian:11	thunderbird	102.0.2-1, 102.0, 102.0
Debian:12	thunderbird	0, 0, 0
Debian:14	thunderbird	0, 0, 0

Timeline

Jun 2, 2023 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-0616 advisory

Open in Interactive Console →