Vulnerabilities > Trojita Project

DATE CVE VULNERABILITY TITLE RISK
2020-06-25 CVE-2020-15047 Improper Certificate Validation vulnerability in Trojita Project Trojita
MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.
4.3
2019-04-07 CVE-2019-10734 Inadequate Encryption Strength vulnerability in Trojita Project Trojita 0.7
In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email.
4.3
2014-03-21 CVE-2014-2567 Information Exposure vulnerability in Trojita Project Trojita
The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita before 0.4.1 allows man-in-the-middle attackers to trigger use of cleartext for saving a message into a (1) sent or (2) draft folder via a PREAUTH response that prevents later use of the STARTTLS command.
4.3