Freron Mailmate
By the Year
In 2024 there have been 0 vulnerabilities in Freron Mailmate . Mailmate did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 5.90 |
| 2019 | 1 | 7.50 |
| 2018 | 1 | 5.90 |
It may take a day or so for new Mailmate vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Freron Mailmate Security Vulnerabilities
MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones
CVE-2020-12619
5.9 - Medium
- August 20, 2020
MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enabled the attacker to decipher further communication. The entire attack could be accomplished by sending a single email.
Improper Certificate Validation
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.
CVE-2018-15588
7.5 - High
- February 11, 2019
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.
Authentication Bypass by Spoofing
The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack
CVE-2017-17688
5.9 - Medium
- May 16, 2018
The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Roundcube Webmail or by Freron? Click the Watch button to subscribe.
