Vulnerabilities > Mailvelope

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-09	CVE-2019-9150	Key Management Errors vulnerability in Mailvelope Mailvelope prior to 3.3.0 does not require user interaction to import public keys shown on web page. network low complexity mailvelope CWE-320	5.0
2019-07-09	CVE-2019-9149	Incorrect Authorization vulnerability in Mailvelope Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client-API. network low complexity mailvelope CWE-863	6.4
2019-07-09	CVE-2019-9148	Improper Certificate Validation vulnerability in Mailvelope Mailvelope prior to 3.3.0 accepts or operates with invalid PGP public keys: Mailvelope allows importing keys that contain users without a valid self-certification. network mailvelope CWE-295	4.3
2019-07-09	CVE-2019-9147	Improper Restriction of Rendered UI Layers or Frames vulnerability in Mailvelope Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. network mailvelope CWE-1021	4.3

Vulnerabilities > Mailvelope {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mailvelope"}]}