CVE-2018-20954

CVE-2018-20954

EPSS 1.1%

The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/mailpile/Mailpile/commit/49b64f62ade9ade3dff9337c7bbc1171eab3d59e https://github.com/mailpile/Mailpile/compare/1.0.0rc3...1.0.0rc4 https://github.com/mailpile/Mailpile/pull/2145