CVE-2020-15954

MEDIUM

KDE Kmail - Cleartext Transmission

Title source: rule

Description

KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use.

References (2)

Scores

CVSS v3 6.5
EPSS 0.0010
EPSS Percentile 28.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Classification

CWE
CWE-319
Status published

Affected Products (2)

kde/kmail
debian/debian_linux

Timeline

Published Jul 27, 2020
Tracked Since Feb 18, 2026