Lucene search
MitreCVELIST:CVE-2019-9150HistoryJul 09, 2019 - 8:49 p.m.
CVE-2019-9150
2019-07-0920:49:50
mitre
www.cve.org
EPSS
0.002
Percentile
64.8%
Mailvelope prior to 3.3.0 does not require user interaction to import public keys shown on web page. This functionality can be tricked to either hide a key import from the user or obscure which key was imported.
References
github.com/mailvelope/mailvelope/blob/master/Changelog.md#v330
www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.html
www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.pdf?__blob=publicationFile&v=3
Related
osv
osv
CVE-2019-9150
2019-07-09 21:15:11
nvd
nvd
CVE-2019-9150
2019-07-09 21:15:11
prion
prion
Design/Logic Flaw
2019-07-09 21:15:00
cve
cve
CVE-2019-9150
2019-07-09 21:15:11