CVE-2020-15954 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Silent downgrade
Description	KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2567	kdepim-runtime	21.08.3-1	21.12.0-1	Medium	Fixed

References
https://nostarttls.secvuln.info/ https://bugs.kde.org/show_bug.cgi?id=423426 https://invent.kde.org/pim/kdepim-runtime/-/commit/bd64ab29116aa7318fdee7f95878ff97580162f2 https://invent.kde.org/pim/kmail-account-wizard/-/commit/a64d80e523edce7d3d59c26834973418fae042f6 https://invent.kde.org/pim/kdepim-runtime/-/commit/35447bd04e8c12afac524e1c4556ef3db088e014

References

https://nostarttls.secvuln.info/
https://bugs.kde.org/show_bug.cgi?id=423426
https://invent.kde.org/pim/kdepim-runtime/-/commit/bd64ab29116aa7318fdee7f95878ff97580162f2
https://invent.kde.org/pim/kmail-account-wizard/-/commit/a64d80e523edce7d3d59c26834973418fae042f6
https://invent.kde.org/pim/kdepim-runtime/-/commit/35447bd04e8c12afac524e1c4556ef3db088e014