Your submission was sent successfully! Close

CVE-2021-38372

Published: 10 August 2021

In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.

Priority

Medium

CVSS 3 base score: 3.7

Status

Package Release Status
trojita
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Needs triage

hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

trusty Does not exist

upstream Needs triage

xenial Ignored
(out of standard support)