VYPR

Airmail GPG-PGP Plugin

by Airmail

CVEs (1)

  • CVE-2019-8338MedMay 16, 2019
    risk 0.38cvss 5.9epss 0.02

    The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier, does not verify the status of the signature at all, which allows remote attackers to spoof arbitrary email signatures by crafting a signed email with an invalid signature. Also, it…