CVE-2024-23655

Name of the Vulnerable Software and Affected Versions Tuta versions 3.118.12 through 3.119.9

Description Tuta is an encrypted email service. An attacker can send a manipulated email to put the app into an unusable state, preventing the user from accessing received emails. This issue affects not only the app but also the web application, leaving the user with no way to access received emails. The issue was tested with iOS and the web app, but it is possible all clients are affected.

Recommendations For versions 3.118.12 through 3.119.9, update to version 3.119.10 to resolve the issue. As a temporary workaround, consider avoiding the use of the affected email service until the update is applied.