| Release | Version |
|---|---|
| jessie | 4:4.14.1-1+deb8u2 |
| stretch | 4:16.04.3-4~deb9u1 |
| Bug | jessie | stretch | Description |
|---|---|---|---|
| CVE-2020-11880 | vulnerable (no DSA) | vulnerable (no DSA) | An issue was discovered in KDE KMail before 19.12.3. By using the prop ... |
| CVE-2019-10732 | fixed | vulnerable (no DSA) | In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypt ... |
| CVE-2017-17689 | vulnerable (no DSA) | vulnerable (no DSA) | The S/MIME specification allows a Cipher Block Chaining (CBC) malleabi ... |
| CVE-2014-8878 | vulnerable (no DSA) | fixed | KDE KMail does not encrypt attachments in emails when "automatic encry ... |
| Bug | jessie | stretch | Description |
|---|---|---|---|
| CVE-2007-1265 | vulnerable | vulnerable | KMail 1.9.5 and earlier does not properly use the --status-fd argument ... |
| CVE-2006-7139 | vulnerable | vulnerable | Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, al ... |
| Bug | Description |
|---|---|
| CVE-2017-9604 | KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in ... |
| CVE-2012-3413 | The HTMLQuoteColorer::process function in messageviewer/htmlquotecolor ... |
| CVE-2005-0404 | KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email inform ... |
| CVE-2003-0988 | Buffer overflow in the VCF file information reader for KDE Personal In ... |
| CVE-2002-1393 | Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quo ... |
| DSA / DLA | Description |
|---|---|
| DLA-1825-1 | kdepim - security update |
| DSA-238 | kdepim - several vulnerabilities |