High severity7.5NVD Advisory· Published Aug 8, 2019· Updated Jun 17, 2026
CVE-2018-20954
CVE-2018-20954
Description
The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Mailpile/Mailpiledescription
Patches
Vulnerability mechanics
References
3- github.com/mailpile/Mailpile/commit/49b64f62ade9ade3dff9337c7bbc1171eab3d59envdPatchThird Party Advisory
- github.com/mailpile/Mailpile/compare/1.0.0rc3...1.0.0rc4nvdThird Party Advisory
- github.com/mailpile/Mailpile/pull/2145nvdThird Party Advisory
News mentions
0No linked articles in our index yet.