CVE-2022-1520 Information

Description

When viewing an email message A which contains an attached message B where B is encrypted or digitally signed or both Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B when returning to the display of message A the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1745019 https://www.mozilla.org/security/advisories/mfsa2022-18/