3 matches found
CVE-2017-17689
CVE-2017-17689 arises from S/MIME CBC gadget attacks (EFAIL) that can lead to plaintext exfiltration. Connected sources show this affecting KDE PIM/KMail components and related mail tooling across Linux/macOS ecosystems, with public advisories describing how S/MIME/CBC malleability could leak pla...
CVE-2017-17688
CVE-2017-17688 concerns an OpenPGP CFB gadget/malleability attack (EFAIL) that can lead to plaintext exfiltration from encrypted emails. Connected advisories show Enigmail/OpenPGP patches (e.g., openSUSE SUSE/OpenSUSE-2019-368/395; Thunderbird enigmail updates) addressing this vulnerability by ti...
CVE-2018-15670
Bloop Airmail 3.5.9 for macOS is affected. The primary WebView can trigger OpenURL by default during navigation handling, and a navigation request is accepted only when the currentEvent is NX_LMOUSEUP or NX_OMOUSEUP. An attacker could exploit HTML elements with an EventHandler to influence naviga...