CVE-2019-10734

Name of the Vulnerable Software and Affected Versions KDE Trojita version 0.7

Description The issue allows an attacker with S/MIME or PGP encrypted emails to craft a multipart email that can hide the encrypted parts using HTML/CSS or ASCII newline characters. When the receiver replies to this email, they may unknowingly leak the plaintext of the encrypted message back to the attacker.

Recommendations For KDE Trojita version 0.7, consider disabling the handling of multipart emails with encrypted sub-parts until a patch is available. Restrict access to the email client's reply function for potentially compromised emails to minimize the risk of exploitation.