CVE-2020-15954 log

Source
Severity Medium
Remote Yes
Type Silent downgrade
Description
KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use.
Group Package Affected Fixed Severity Status Ticket
AVG-2567 kdepim-runtime 21.08.3-1 Medium Vulnerable
References
https://nostarttls.secvuln.info/
https://bugs.kde.org/show_bug.cgi?id=423426
https://invent.kde.org/pim/kdepim-runtime/-/commit/bd64ab29116aa7318fdee7f95878ff97580162f2
https://invent.kde.org/pim/kmail-account-wizard/-/commit/a64d80e523edce7d3d59c26834973418fae042f6
https://invent.kde.org/pim/kdepim-runtime/-/commit/35447bd04e8c12afac524e1c4556ef3db088e014