pkg:Debian/enigmail
共 19 筆 CVEHIGH7MEDIUM7
✅ 檢查你的版本
所有已知漏洞
- HIGH7.5CVE-2019-12269Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly…from 0, < 2:2.0.11+ds1-1
- HIGH7.5CVE-2018-12019The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep trac…from 0, < 2:2.0.7-1
- from 0, < 2:2.0.7-1
- from 0, < 2:1.9.9-1
- from 0, < 2:1.9.9-1
- from 0, < 2:1.9.9-1
- from 0, < 2:1.9.9-1
- MEDIUM6.5CVE-2019-14664In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email.from 0, < 2:2.1.3+ds1-1
- MEDIUM6.5CVE-2018-15586Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a…from 0, < 2:2.0.6.1-2
- from 0, < 2:1.9.9-1
- MEDIUM5.9CVE-2017-17688The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration…from 0, < 2:2.0.6.1-4
- from 0, < 2:1.9.9-1~deb8u1
- from 0, < 2:1.9.9-1
- from 0, < 2:1.9.9-1~deb7u1
- —CVE-2014-5369Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote…from 0, < 2:1.7.2-1
- —CVE-2007-1264Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually disti…from 0, < 2:0.95.0+1-1
- —CVE-2006-5877The enigmail extension before 0.94.2 does not properly handle large, encrypted file e-mail attachments, which allows remote attackers to ca…from 0, < 2:0.94.2-1
- from 0, < 2:0.91-4sarge2
- from 0, < 2:0.93-1