Home Original page

kmail - Arch Linux

Open

Group Affected Fixed Severity Status Ticket
AVG-2274 21.08.2-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-38373 AVG-2274 Medium Yes Information disclosure 
In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

Resolved

Group Affected Fixed Severity Status Ticket
AVG-299 17.04.1-1 17.04.2-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2017-9604 AVG-299 Medium Yes Information disclosure 
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action...

Advisories

Date Advisory Group Severity Type
14 Jun 2017 ASA-201706-16 AVG-299 Medium information disclosure