2 matches found
CVE-2019-8338
The CVE-2019-8338 issue affects the Airmail GPG-PGP Plugin (versions 1.0 (9) and earlier). The vulnerability arises because the signature verification routine does not verify the signature status and also does not verify the signing key’s validity, enabling an attacker to spoof email signatures b...
CVE-2019-8338
The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 9 and earlier, does not verify the status of the signature at all, which allows remote attackers to spoof arbitrary email signatures by crafting a signed email with an invalid signature. Also, it does not verify the...