Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird < 102.7.1.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Thunderbird | Mozilla | 68.0 (including) | 102.7.1 (excluding) |
| Thunderbird | Ubuntu | trusty | * |
| Thunderbird | Ubuntu | upstream | * |
| Thunderbird | Ubuntu | xenial | * |
| Red Hat Enterprise Linux 7 | RedHat | thunderbird-0:102.7.1-2.el7_9 | * |
| Red Hat Enterprise Linux 8 | RedHat | thunderbird-0:102.7.1-2.el8_7 | * |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | RedHat | thunderbird-0:102.7.1-2.el8_1 | * |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | thunderbird-0:102.7.1-2.el8_2 | * |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | RedHat | thunderbird-0:102.7.1-2.el8_2 | * |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | RedHat | thunderbird-0:102.7.1-2.el8_2 | * |
| Red Hat Enterprise Linux 8.4 Extended Update Support | RedHat | thunderbird-0:102.7.1-2.el8_4 | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | thunderbird-0:102.7.1-2.el8_6 | * |
| Red Hat Enterprise Linux 9 | RedHat | thunderbird-0:102.7.1-2.el9_1 | * |
| Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | thunderbird-0:102.7.1-2.el9_0 | * |