PT-2018-19239 — Enigmail Enigmail

PT-2018-19239 · Enigmail · Enigmail

Published

2018-12-21

Updated

2018-12-21

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Enigmail versions prior to 2.0.9

Description A security issue is fixed where using Web Key Discovery may trigger an HTTP authentication, potentially tricking users into sending email credentials.

Recommendations For Enigmail versions prior to 2.0.9, update to version 2.0.9 to resolve the issue.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

SUSE-SU-2018:4215-1

Affected Products

Enigmail