vulnerability

Debian: CVE-2020-15685: thunderbird -- security update

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Feb 2, 2021

Added

Feb 2, 2021

Modified

Mar 30, 2026

Description

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.

Solution

debian-upgrade-thunderbird

References

CVE-2020-15685
https://attackerkb.com/topics/CVE-2020-15685
CWE-77
DEBIAN-DSA-4842-1
EUVD-EUVD-2020-7672
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-7672

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report