Headline
CVE-2020-15685: Invalid Bug ID
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
Sorry, I can’t find "1622640?cve=title". It does not seem like bug number nor an alias to a bug.
Please press Back and try again.
Related news
CVE-2021-39272: NO STARTTLS
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
CVE-2021-38370: NO STARTTLS
In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS.