AVG-2274 log

Package kmail
Status Vulnerable
Severity Medium
Type information disclosure
Affected 21.08.2-1
Fixed Unknown
Current 21.08.2-1 [extra]
Ticket Create
Created Tue Aug 10 16:26:37 2021
Issue Severity Remote Type Description
CVE-2021-38373 Medium Yes Information disclosure
In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.