Published on August 9th, 2019 📆 | 4038 Views ⚑0
Mailpile up to 1.0.0rc3 Key Expired weak encryption
|CVSS Meta Temp Score||Current Exploit Price (≈)|
A vulnerability, which was classified as critical, was found in Mailpile up to 1.0.0rc3. This affects some unknown functionality of the component Key Handler. The manipulation with an unknown input leads to a weak encryption vulnerability (Expired). CWE is classifying the issue as CWE-311. This is going to have an impact on confidentiality, integrity, and availability.
The weakness was released 08/08/2019. This vulnerability is uniquely identified as CVE-2018-20954 since 08/04/2019. Neither technical details nor an exploit are publicly available.
Upgrading to version 1.0.0rc4 eliminates this vulnerability.
VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.3
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔒
0-Day unlock unlock unlock unlock Today unlock unlock unlock unlock
0-Day Time: 🔒
Upgrade: Mailpile 1.0.0rc4
08/04/2019 CVE assigned Download it now for free!
08/08/2019 +4 days Advisory disclosed
08/09/2019 +1 days VulDB entry created
08/09/2019 +0 days VulDB last update
CVE: CVE-2018-20954 (🔒)Created: 08/09/2019 07:27 AM
Download it now for free!