vulnerability
Oracle Linux: CVE-2023-29479: ELSA-2023-1802: thunderbird security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Apr 11, 2023 | May 21, 2024 | Dec 3, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Apr 11, 2023
Added
May 21, 2024
Modified
Dec 3, 2025
Description
Ribose RNP before 0.16.3 may hang when the input is malformed.
The Mozilla Foundation Security Advisory describes this flaw as:
Certain malformed OpenPGP messages could trigger incorrect parsing of PKESK/SKESK packets due to a bug in the Ribose RNP library used by Thunderbird up to version 102.9.1, which would cause the Thunderbird user interface to hang. The issue was discovered using Google's oss-fuzz.
The Mozilla Foundation Security Advisory describes this flaw as:
Certain malformed OpenPGP messages could trigger incorrect parsing of PKESK/SKESK packets due to a bug in the Ribose RNP library used by Thunderbird up to version 102.9.1, which would cause the Thunderbird user interface to hang. The issue was discovered using Google's oss-fuzz.
Solution
oracle-linux-upgrade-thunderbird
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.