Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code. (CVE-2021-4129, CVE-2021-4140, CVE-2021-29981, CVE-2021-29982, CVE-2021-29987, CVE-2021-29991, CVE-2021-38495, CVE-2021-38496, CVE-2021-38497, CVE-2021-38498, CVE-2021-38500, CVE-2021-38501, CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509, CVE-2021-43534, CVE-2021-43535, CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43656, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751)
It was discovered that Thunderbird ignored the configuration to require STARTTLS for an SMTP connection. A person-in-the-middle could potentially exploit this to perform a downgrade attack in order to intercept messages or take control of a session. (CVE-2021-38502)
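The STARTTLS issue above is a fail-open policy bug: a client that is configured to require STARTTLS must abort when the server's EHLO reply does not advertise it, rather than continuing in plaintext. The following added example (not Thunderbird's code, and not derived from the fix) shows the fail-closed decision next to the fail-open pattern the advisory describes. The EHLO replies are constructed strings; `parse_ehlo`, `decide_after_ehlo` and `decide_ignoring_config` are names chosen for this illustration.

```python
"""Fail-closed STARTTLS policy for an SMTP client (added example)."""
import re
from dataclasses import dataclass

# Constructed EHLO replies (not captured from any real server).
# SERVER_OFFERS_STARTTLS is what a client sees from a server that supports
# STARTTLS; NO_STARTTLS_OFFERED is what it sees when the advertisement is
# absent, which is exactly the situation a downgrade produces.
SERVER_OFFERS_STARTTLS = (
    "250-mail.example.org Hello client.example.net\r\n"
    "250-SIZE 52428800\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 HELP\r\n"
)
NO_STARTTLS_OFFERED = (
    "250-mail.example.org Hello client.example.net\r\n"
    "250-SIZE 52428800\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 HELP\r\n"
)


@dataclass
class Decision:
    action: str   # "starttls" | "plaintext" | "abort"
    reason: str


# "250-EXT params" (more lines follow) or "250 EXT params" (last line).
_EXT_LINE = re.compile(r"^250[- ](\S+)(?:\s+(.*))?$")


def parse_ehlo(reply: str) -> dict:
    """Map advertised SMTP extensions (upper-cased) to their parameter string.

    The first 250 line carries the server greeting, not an extension,
    so it is skipped.
    """
    extensions = {}
    for line in reply.splitlines()[1:]:
        m = _EXT_LINE.match(line)
        if m:
            extensions[m.group(1).upper()] = m.group(2) or ""
    return extensions


def decide_after_ehlo(reply: str, require_starttls: bool) -> Decision:
    """Fail-closed: when STARTTLS is required, never fall through to plaintext."""
    if "STARTTLS" in parse_ehlo(reply):
        return Decision("starttls", "server advertised STARTTLS")
    if require_starttls:
        return Decision("abort", "STARTTLS required by configuration but not advertised")
    return Decision("plaintext", "STARTTLS neither advertised nor required")


def decide_ignoring_config(reply: str, require_starttls: bool) -> Decision:
    """Behaviour pattern the advisory describes (CVE-2021-38502): the
    require-STARTTLS setting has no effect, so a missing advertisement
    silently yields a plaintext session."""
    if "STARTTLS" in parse_ehlo(reply):
        return Decision("starttls", "server advertised STARTTLS")
    return Decision("plaintext", "STARTTLS not advertised; configuration not consulted")


if __name__ == "__main__":
    for name, reply in (("offered", SERVER_OFFERS_STARTTLS), ("not offered", NO_STARTTLS_OFFERED)):
        good = decide_after_ehlo(reply, require_starttls=True)
        bad = decide_ignoring_config(reply, require_starttls=True)
        print(f"STARTTLS {name}: fail-closed -> {good.action}; fail-open -> {bad.action}")
```

The only difference between the two decision functions is whether the configured requirement is consulted when the advertisement is missing; that single branch is what turns a downgrade into an aborted connection instead of a plaintext session.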
A buffer overflow was discovered in the Matrix chat library bundled with Thunderbird. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-44538)
It was discovered that Thunderbird's OpenPGP integration only considered the inner signed message when checking signature validity in a message that contains an additional outer MIME layer. An attacker could potentially exploit this to trick the user into thinking that a message has a valid signature. (CVE-2021-4126)
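The OpenPGP issue above is structural: a `multipart/signed` entity only covers its own first body part, so when it is nested under an outer MIME layer, content outside it is unsigned even though a signature inside the message verifies. The added example below (not Thunderbird's code, and not derived from the fix) walks the MIME tree of two constructed messages and reports whether a signature, once verified, would cover the whole body or only a nested part; no cryptographic verification is performed, and the signature block is a labelled placeholder. The function names `signature_coverage`, `legacy_status` and `fixed_status` are chosen for this illustration.

```python
"""Structural coverage check for multipart/signed messages (added example)."""
from email import policy
from email.parser import BytesParser

# Constructed sample: a multipart/signed entity whose signature part is a
# placeholder, not a real PGP signature.
SIGNED_ENTITY = (
    b'Content-Type: multipart/signed; protocol="application/pgp-signature";\n'
    b' micalg=pgp-sha256; boundary="sig"\n'
    b"\n"
    b"--sig\n"
    b"Content-Type: text/plain; charset=us-ascii\n"
    b"\n"
    b"Please approve the attached change request.\n"
    b"--sig\n"
    b"Content-Type: application/pgp-signature\n"
    b"\n"
    b"-----BEGIN PGP SIGNATURE-----\n"
    b"(constructed placeholder, not a real signature)\n"
    b"-----END PGP SIGNATURE-----\n"
    b"--sig--\n"
)

COMMON_HEADERS = (
    b"From: alice@example.org\n"
    b"To: bob@example.org\n"
    b"Subject: change request\n"
    b"MIME-Version: 1.0\n"
)

# Message 1: the signed entity is the entire message body.
FULLY_SIGNED = COMMON_HEADERS + SIGNED_ENTITY

# Message 2: the same signed entity nested under an unsigned outer layer.
WRAPPED = (
    COMMON_HEADERS
    + b'Content-Type: multipart/mixed; boundary="outer"\n'
    + b"\n"
    + b"--outer\n"
    + b"Content-Type: text/plain; charset=us-ascii\n"
    + b"\n"
    + b"This paragraph sits outside the signed part and is not covered by the signature.\n"
    + b"--outer\n"
    + SIGNED_ENTITY
    + b"--outer--\n"
)


def parse(raw: bytes):
    """Parse raw RFC 5322 bytes into an EmailMessage tree."""
    return BytesParser(policy=policy.default).parsebytes(raw)


def find_signed_parts(msg):
    """Return every multipart/signed container in the tree, root first."""
    return [p for p in msg.walk() if p.get_content_type() == "multipart/signed"]


def signature_coverage(msg) -> str:
    """'full'    : the root entity is multipart/signed, so a verified
                   signature covers the whole body.
       'partial' : a multipart/signed exists but is wrapped in an outer MIME
                   layer; unsigned content is displayed alongside it.
       'none'    : no multipart/signed entity at all."""
    if msg.get_content_type() == "multipart/signed":
        return "full"
    if find_signed_parts(msg):
        return "partial"
    return "none"


def legacy_status(msg) -> str:
    """Behaviour pattern the advisory describes (CVE-2021-4126): any nested
    multipart/signed part is enough to report the message as signed."""
    return "signed" if find_signed_parts(msg) else "unsigned"


def fixed_status(msg) -> str:
    """Report 'signed' only when the signature covers the whole body."""
    return "signed" if signature_coverage(msg) == "full" else "unsigned"


if __name__ == "__main__":
    for name, raw in (("fully signed", FULLY_SIGNED), ("wrapped", WRAPPED)):
        m = parse(raw)
        print(f"{name}: coverage={signature_coverage(m)} "
              f"legacy={legacy_status(m)} fixed={fixed_status(m)}")
```

A real client still has to verify the signature cryptographically; the point of the coverage check is that a valid signature on a nested part must not be presented as a signature over the message as the user sees it.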