CVE-2022-1520 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-1520 Interim 1 13 2023-09-08T23:37:07Z current 2022-05-07T23:52:04Z 2023-09-08T23:37:07Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-1520 When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2022-May/011060.html E-Mail link for SUSE-SU-2022:1719-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP5 SUSE Linux Enterprise Module for Package Hub 15 SP3 SUSE Linux Enterprise Module for Package Hub 15 SP4 SUSE Linux Enterprise Module for Package Hub 15 SP5 SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP5 SUSE Linux Enterprise Server Teradata 12 SP3-LTSS SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP5 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed MozillaFirefox MozillaThunderbird-91.9.0-1.1 MozillaThunderbird-91.9.0-150200.8.68.2 MozillaThunderbird-translations-common-91.9.0-1.1 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 MozillaThunderbird-translations-other-91.9.0-1.1 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 MozillaThunderbird-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP3 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP3 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP3 MozillaThunderbird-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 MozillaThunderbird-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP5 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP5 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP5 MozillaThunderbird-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP3 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP3 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP3 MozillaThunderbird-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 MozillaThunderbird-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP5 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP5 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 as a component of SUSE Linux Enterprise Workstation Extension 15 SP5 MozillaThunderbird-91.9.0-150200.8.68.2 as a component of openSUSE Leap 15.3 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 as a component of openSUSE Leap 15.3 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 as a component of openSUSE Leap 15.3 MozillaThunderbird-91.9.0-150200.8.68.2 as a component of openSUSE Leap 15.4 MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 as a component of openSUSE Leap 15.4 MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 as a component of openSUSE Leap 15.4 MozillaThunderbird-91.9.0-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-common-91.9.0-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-other-91.9.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE Linux Enterprise Server Teradata 12 SP3-LTSS When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9. CVE-2022-1520 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP5:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP5:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP3:MozillaThunderbird-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP3:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP3:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 SUSE Linux Enterprise Module for Package Hub 15 SP5:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP3:MozillaThunderbird-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP3:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP3:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 SUSE Linux Enterprise Workstation Extension 15 SP5:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 openSUSE Leap 15.3:MozillaThunderbird-91.9.0-150200.8.68.2 openSUSE Leap 15.3:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 openSUSE Leap 15.3:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 openSUSE Leap 15.4:MozillaThunderbird-91.9.0-150200.8.68.2 openSUSE Leap 15.4:MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 openSUSE Leap 15.4:MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 openSUSE Tumbleweed:MozillaThunderbird-91.9.0-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-common-91.9.0-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-other-91.9.0-1.1 SUSE Linux Enterprise Server Teradata 12 SP3-LTSS:MozillaFirefox important 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N