Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g., an IMAP server) causes KMail to upload the decrypted content of the message to the remote server. With a crafted message, a user could be tricked into decrypting an encrypted message and then deleting an attachment attached to this message. If the attacker has access to the messages stored on the email server, then the attacker could read the decrypted content of the encrypted message. This occurs in ViewerPrivate::deleteAttachment in messageviewer/src/viewer/viewer_p.cpp.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
messagelib 信息泄露漏洞
Vulnerability Description
messagelib是一个应用软件。用于Linux的小型C库。 messagelib 存在信息泄露漏洞,该漏洞源于KDE KMail中的messagelib删除远程服务器(例如IMAP服务器)上加密消息的附件的方式。以下产品及版本受到影响:messagelib: 16.03.80, 16.03.90, 16.04.0, 16.04.1, 16.04.2, 16.04.3, 16.07.80, 16.07.90, 16.08.0, 16.08.1, 16.08.2, 16.08.3, 16.11.80, 1
CVSS Information
N/A
Vulnerability Type
N/A