Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/enigmail@2:1.0.1-5

Type deb

Namespace debian

Name enigmail

Version 2:1.0.1-5

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2:2.2.4-0.2~deb10u1

Latest_non_vulnerable_version 2:2.2.4-0.2~deb10u1

Affected_by_vulnerabilities

url VCID-1t5g-b5jt-8yft

vulnerability_id VCID-1t5g-b5jt-8yft

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17847

reference_id

reference_type

scores

value	0.00291
scoring_system	epss
scoring_elements	0.52502
published_at	2026-04-21T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52518
published_at	2026-04-18T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52368
published_at	2026-04-01T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52414
published_at	2026-04-02T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52442
published_at	2026-04-04T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52406
published_at	2026-04-07T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52459
published_at	2026-04-08T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52453
published_at	2026-04-09T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52504
published_at	2026-04-11T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52488
published_at	2026-04-12T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52471
published_at	2026-04-13T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52511
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848

reference_url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
reference_id
reference_type
scores
url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html

reference_url	https://lists.debian.org/debian-security-announce/2017/msg00333.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-security-announce/2017/msg00333.html

reference_url	https://sourceforge.net/p/enigmail/bugs/709/
reference_id
reference_type
scores
url	https://sourceforge.net/p/enigmail/bugs/709/

reference_url	https://www.debian.org/security/2017/dsa-4070
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4070

reference_url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::
reference_id	cpe:2.3:a:enigmail:enigmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17847

reference_id

CVE-2017-17847

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17847

fixed_packages

url pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

purl pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t5g-b5jt-8yft

vulnerability	VCID-7535-appn-5fhm

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-bz74-1y1q-8qfc

vulnerability	VCID-c5zg-brhd-4ygg

vulnerability	VCID-g4s8-7k7n-c3an

vulnerability	VCID-gqrn-ek3y-hbg1

vulnerability	VCID-mmdw-63mg-2uhm

vulnerability	VCID-tqpx-hedp-dfcb

vulnerability	VCID-ux6a-2384-suf9

vulnerability	VCID-x8dz-d9af-fyg2

vulnerability	VCID-zm59-us92-2bh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2017-17847

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1t5g-b5jt-8yft

url VCID-7535-appn-5fhm

vulnerability_id VCID-7535-appn-5fhm

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17844

reference_id

reference_type

scores

value	0.00238
scoring_system	epss
scoring_elements	0.46892
published_at	2026-04-21T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46943
published_at	2026-04-18T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46832
published_at	2026-04-01T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.4687
published_at	2026-04-02T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46887
published_at	2026-04-09T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46834
published_at	2026-04-07T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46888
published_at	2026-04-08T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46911
published_at	2026-04-11T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46884
published_at	2026-04-12T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46891
published_at	2026-04-13T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46947
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848

reference_url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
reference_id
reference_type
scores
url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html

reference_url	https://lists.debian.org/debian-security-announce/2017/msg00333.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-security-announce/2017/msg00333.html

reference_url	https://www.debian.org/security/2017/dsa-4070
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4070

reference_url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::
reference_id	cpe:2.3:a:enigmail:enigmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17844

reference_id

CVE-2017-17844

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17844

fixed_packages

url pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

purl pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t5g-b5jt-8yft

vulnerability	VCID-7535-appn-5fhm

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-bz74-1y1q-8qfc

vulnerability	VCID-c5zg-brhd-4ygg

vulnerability	VCID-g4s8-7k7n-c3an

vulnerability	VCID-gqrn-ek3y-hbg1

vulnerability	VCID-mmdw-63mg-2uhm

vulnerability	VCID-tqpx-hedp-dfcb

vulnerability	VCID-ux6a-2384-suf9

vulnerability	VCID-x8dz-d9af-fyg2

vulnerability	VCID-zm59-us92-2bh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2017-17844

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7535-appn-5fhm

url VCID-9cm4-mu3q-2yey

vulnerability_id VCID-9cm4-mu3q-2yey

summary security update

references

reference_url	http://openwall.com/lists/oss-security/2018/06/08/2
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2018/06/08/2

reference_url	http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12020.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12020.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12020

reference_id

reference_type

scores

value	0.01725
scoring_system	epss
scoring_elements	0.82466
published_at	2026-04-21T12:55:00Z

value	0.01725
scoring_system	epss
scoring_elements	0.82424
published_at	2026-04-13T12:55:00Z

value	0.01725
scoring_system	epss
scoring_elements	0.82459
published_at	2026-04-16T12:55:00Z

value	0.01725
scoring_system	epss
scoring_elements	0.82461
published_at	2026-04-18T12:55:00Z

value	0.02796
scoring_system	epss
scoring_elements	0.86037
published_at	2026-04-01T12:55:00Z

value	0.02796
scoring_system	epss
scoring_elements	0.86048
published_at	2026-04-02T12:55:00Z

value	0.02796
scoring_system	epss
scoring_elements	0.86065
published_at	2026-04-04T12:55:00Z

value	0.02925
scoring_system	epss
scoring_elements	0.8637
published_at	2026-04-07T12:55:00Z

value	0.02925
scoring_system	epss
scoring_elements	0.86389
published_at	2026-04-08T12:55:00Z

value	0.02925
scoring_system	epss
scoring_elements	0.86399
published_at	2026-04-09T12:55:00Z

value	0.02925
scoring_system	epss
scoring_elements	0.86413
published_at	2026-04-11T12:55:00Z

value	0.02925
scoring_system	epss
scoring_elements	0.86411
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020

reference_url	https://dev.gnupg.org/T4012
reference_id
reference_type
scores
url	https://dev.gnupg.org/T4012

reference_url	http://seclists.org/fulldisclosure/2019/Apr/38
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2019/Apr/38

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/RUB-NDS/Johnny-You-Are-Fired
reference_id
reference_type
scores
url	https://github.com/RUB-NDS/Johnny-You-Are-Fired

reference_url	https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
reference_id
reference_type
scores
url	https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf

reference_url	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
reference_id
reference_type
scores
url	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

reference_url	https://lists.debian.org/debian-lts-announce/2021/12/msg00027.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/12/msg00027.html

reference_url	https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
reference_id
reference_type
scores
url	https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html

reference_url	https://usn.ubuntu.com/3964-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/3964-1/

reference_url	https://www.debian.org/security/2018/dsa-4222
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4222

reference_url	https://www.debian.org/security/2018/dsa-4223
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4223

reference_url	https://www.debian.org/security/2018/dsa-4224
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4224

reference_url	http://www.openwall.com/lists/oss-security/2019/04/30/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/04/30/4

reference_url	http://www.securityfocus.com/bid/104450
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104450

reference_url	http://www.securitytracker.com/id/1041051
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1041051

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1589620
reference_id	1589620
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1589620

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901088
reference_id	901088
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901088

reference_url	https://security.archlinux.org/ASA-201806-8
reference_id	ASA-201806-8
reference_type
scores
url	https://security.archlinux.org/ASA-201806-8

reference_url

https://security.archlinux.org/AVG-713

reference_id

AVG-713

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-713

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:gnupg::::::::
reference_id	cpe:2.3:a:gnupg:gnupg::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:gnupg::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12020

reference_id

CVE-2018-12020

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12020

reference_url	https://access.redhat.com/errata/RHSA-2018:2180
reference_id	RHSA-2018:2180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2180

reference_url	https://access.redhat.com/errata/RHSA-2018:2181
reference_id	RHSA-2018:2181
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2181

reference_url	https://usn.ubuntu.com/3675-1/
reference_id	USN-3675-1
reference_type
scores
url	https://usn.ubuntu.com/3675-1/

reference_url	https://usn.ubuntu.com/3675-2/
reference_id	USN-3675-2
reference_type
scores
url	https://usn.ubuntu.com/3675-2/

reference_url	https://usn.ubuntu.com/3675-3/
reference_id	USN-3675-3
reference_type
scores
url	https://usn.ubuntu.com/3675-3/

reference_url	https://usn.ubuntu.com/USN-4839-1/
reference_id	USN-USN-4839-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4839-1/

fixed_packages

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2018-12020

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9cm4-mu3q-2yey

url VCID-bz74-1y1q-8qfc

vulnerability_id VCID-bz74-1y1q-8qfc

summary The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.

references

reference_url	http://openwall.com/lists/oss-security/2018/06/13/10
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2018/06/13/10

reference_url	http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12019

reference_id

reference_type

scores

value	0.00487
scoring_system	epss
scoring_elements	0.65483
published_at	2026-04-21T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65488
published_at	2026-04-16T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65499
published_at	2026-04-18T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65371
published_at	2026-04-01T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65419
published_at	2026-04-02T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65446
published_at	2026-04-04T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65409
published_at	2026-04-07T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65462
published_at	2026-04-08T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65473
published_at	2026-04-09T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65492
published_at	2026-04-11T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65479
published_at	2026-04-12T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65451
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12019

reference_url	http://seclists.org/fulldisclosure/2019/Apr/38
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2019/Apr/38

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/RUB-NDS/Johnny-You-Are-Fired
reference_id
reference_type
scores
url	https://github.com/RUB-NDS/Johnny-You-Are-Fired

reference_url	https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
reference_id
reference_type
scores
url	https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf

reference_url	https://www.enigmail.net/index.php/en/download/changelog
reference_id
reference_type
scores
url	https://www.enigmail.net/index.php/en/download/changelog

reference_url	http://www.openwall.com/lists/oss-security/2019/04/30/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/04/30/4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::
reference_id	cpe:2.3:a:enigmail:enigmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12019

reference_id

CVE-2018-12019

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12019

fixed_packages

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2018-12019

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bz74-1y1q-8qfc

url VCID-c5zg-brhd-4ygg

vulnerability_id VCID-c5zg-brhd-4ygg

summary OpenPGP: CFB gadget attacks allows to exfiltrate plaintext out of encrypted emails

references

reference_url	http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.html
reference_id
reference_type
scores
url	http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17688.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17688.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17688

reference_id

reference_type

scores

value	0.03268
scoring_system	epss
scoring_elements	0.87102
published_at	2026-04-01T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87169
published_at	2026-04-21T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87153
published_at	2026-04-13T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.8717
published_at	2026-04-16T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87174
published_at	2026-04-18T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87113
published_at	2026-04-02T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.8713
published_at	2026-04-04T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87123
published_at	2026-04-07T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87143
published_at	2026-04-08T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87151
published_at	2026-04-09T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87164
published_at	2026-04-11T12:55:00Z

value	0.03268
scoring_system	epss
scoring_elements	0.87158
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17688
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17688

reference_url	https://efail.de
reference_id
reference_type
scores
url	https://efail.de

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html
reference_id
reference_type
scores
url	https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html

reference_url	https://news.ycombinator.com/item?id=17066419
reference_id
reference_type
scores
url	https://news.ycombinator.com/item?id=17066419

reference_url	https://protonmail.com/blog/pgp-vulnerability-efail
reference_id
reference_type
scores
url	https://protonmail.com/blog/pgp-vulnerability-efail

reference_url	https://twitter.com/matthew_d_green/status/995996706457243648
reference_id
reference_type
scores
url	https://twitter.com/matthew_d_green/status/995996706457243648

reference_url	https://www.patreon.com/posts/cybersecurity-15-18814817
reference_id
reference_type
scores
url	https://www.patreon.com/posts/cybersecurity-15-18814817

reference_url	https://www.synology.com/support/security/Synology_SA_18_22
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_18_22

reference_url	http://www.securityfocus.com/bid/104162
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104162

reference_url	http://www.securitytracker.com/id/1040904
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040904

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1577906
reference_id	1577906
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1577906

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898630
reference_id	898630
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898630

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:mail:-:::::::*
reference_id	cpe:2.3:a:apple:mail:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:mail:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:mail:-:::::iphone_os::
reference_id	cpe:2.3:a:apple:mail:-:::::iphone_os::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:mail:-:::::iphone_os::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bloop:airmail:-:::::::*
reference_id	cpe:2.3:a:bloop:airmail:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bloop:airmail:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:emclient:emclient:-:::::::*
reference_id	cpe:2.3:a:emclient:emclient:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:emclient:emclient:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:flipdogsolutions:maildroid:-:::::::*
reference_id	cpe:2.3:a:flipdogsolutions:maildroid:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:flipdogsolutions:maildroid:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freron:mailmate:-:::::::*
reference_id	cpe:2.3:a:freron:mailmate:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freron:mailmate:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:horde:horde_imp:-:::::::*
reference_id	cpe:2.3:a:horde:horde_imp:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:horde:horde_imp:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:outlook:2007:::::::*
reference_id	cpe:2.3:a:microsoft:outlook:2007:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:outlook:2007:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:-:::::::*
reference_id	cpe:2.3:a:mozilla:thunderbird:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postbox-inc:postbox:-:::::::*
reference_id	cpe:2.3:a:postbox-inc:postbox:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postbox-inc:postbox:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:r2mail2:r2mail2:-:::::::*
reference_id	cpe:2.3:a:r2mail2:r2mail2:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:r2mail2:r2mail2:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:-:::::::*
reference_id	cpe:2.3:a:roundcube:webmail:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:roundcube:webmail:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17688

reference_id

CVE-2017-17688

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17688

fixed_packages

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2017-17688

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c5zg-brhd-4ygg

url VCID-f212-18j2-rych

vulnerability_id VCID-f212-18j2-rych

summary update

references

fixed_packages

url pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

purl pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t5g-b5jt-8yft

vulnerability	VCID-7535-appn-5fhm

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-bz74-1y1q-8qfc

vulnerability	VCID-c5zg-brhd-4ygg

vulnerability	VCID-g4s8-7k7n-c3an

vulnerability	VCID-gqrn-ek3y-hbg1

vulnerability	VCID-mmdw-63mg-2uhm

vulnerability	VCID-tqpx-hedp-dfcb

vulnerability	VCID-ux6a-2384-suf9

vulnerability	VCID-x8dz-d9af-fyg2

vulnerability	VCID-zm59-us92-2bh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

aliases DSA-3921-1 enigmail

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f212-18j2-rych

url VCID-g4s8-7k7n-c3an

vulnerability_id VCID-g4s8-7k7n-c3an

summary Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12269

reference_id

reference_type

scores

value	0.00274
scoring_system	epss
scoring_elements	0.50798
published_at	2026-04-21T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51789
published_at	2026-04-02T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51814
published_at	2026-04-04T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51775
published_at	2026-04-07T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.5183
published_at	2026-04-08T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51739
published_at	2026-04-01T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51879
published_at	2026-04-11T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51859
published_at	2026-04-12T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51843
published_at	2026-04-13T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51885
published_at	2026-04-16T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51892
published_at	2026-04-18T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51827
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12269
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12269

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929363
reference_id	929363
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929363

fixed_packages

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2019-12269

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g4s8-7k7n-c3an

url VCID-gqrn-ek3y-hbg1

vulnerability_id VCID-gqrn-ek3y-hbg1

summary security update

references

reference_url	http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17848

reference_id

reference_type

scores

value	0.00872
scoring_system	epss
scoring_elements	0.75274
published_at	2026-04-21T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75283
published_at	2026-04-18T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75185
published_at	2026-04-01T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75188
published_at	2026-04-02T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75219
published_at	2026-04-04T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75197
published_at	2026-04-07T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75239
published_at	2026-04-08T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.7525
published_at	2026-04-09T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75271
published_at	2026-04-11T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75248
published_at	2026-04-12T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75237
published_at	2026-04-13T12:55:00Z

value	0.00872
scoring_system	epss
scoring_elements	0.75276
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17848

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848

reference_url	http://seclists.org/fulldisclosure/2019/Apr/38
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2019/Apr/38

reference_url	https://github.com/RUB-NDS/Johnny-You-Are-Fired
reference_id
reference_type
scores
url	https://github.com/RUB-NDS/Johnny-You-Are-Fired

reference_url	https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
reference_id
reference_type
scores
url	https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html

reference_url	https://lists.debian.org/debian-security-announce/2017/msg00333.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-security-announce/2017/msg00333.html

reference_url	https://sourceforge.net/p/enigmail/bugs/709/
reference_id
reference_type
scores
url	https://sourceforge.net/p/enigmail/bugs/709/

reference_url	https://www.debian.org/security/2017/dsa-4070
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4070

reference_url	http://www.openwall.com/lists/oss-security/2019/04/30/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/04/30/4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::
reference_id	cpe:2.3:a:enigmail:enigmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17848

reference_id

CVE-2017-17848

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17848

fixed_packages

url pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

purl pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t5g-b5jt-8yft

vulnerability	VCID-7535-appn-5fhm

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-bz74-1y1q-8qfc

vulnerability	VCID-c5zg-brhd-4ygg

vulnerability	VCID-g4s8-7k7n-c3an

vulnerability	VCID-gqrn-ek3y-hbg1

vulnerability	VCID-mmdw-63mg-2uhm

vulnerability	VCID-tqpx-hedp-dfcb

vulnerability	VCID-ux6a-2384-suf9

vulnerability	VCID-x8dz-d9af-fyg2

vulnerability	VCID-zm59-us92-2bh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2017-17848

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqrn-ek3y-hbg1

url VCID-mmdw-63mg-2uhm

vulnerability_id VCID-mmdw-63mg-2uhm

summary In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection mechanisms implemented after the "EFAIL" attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14664

reference_id

reference_type

scores

value	0.00144
scoring_system	epss
scoring_elements	0.34633
published_at	2026-04-01T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34847
published_at	2026-04-02T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34874
published_at	2026-04-04T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.3475
published_at	2026-04-07T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34793
published_at	2026-04-08T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34822
published_at	2026-04-09T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34827
published_at	2026-04-11T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34789
published_at	2026-04-12T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34764
published_at	2026-04-13T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34799
published_at	2026-04-16T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34785
published_at	2026-04-18T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34745
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14664
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14664

fixed_packages

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2019-14664

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mmdw-63mg-2uhm

url VCID-tqpx-hedp-dfcb

vulnerability_id VCID-tqpx-hedp-dfcb

summary Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email.

references

reference_url	http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-15586

reference_id

reference_type

scores

value	0.00254
scoring_system	epss
scoring_elements	0.48795
published_at	2026-04-18T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48799
published_at	2026-04-16T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.4868
published_at	2026-04-01T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48719
published_at	2026-04-02T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48745
published_at	2026-04-04T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.487
published_at	2026-04-07T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48754
published_at	2026-04-21T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48751
published_at	2026-04-09T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48769
published_at	2026-04-11T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48743
published_at	2026-04-12T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.4875
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-15586

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15586
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15586

reference_url	http://seclists.org/fulldisclosure/2019/Apr/38
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2019/Apr/38

reference_url	https://github.com/RUB-NDS/Johnny-You-Are-Fired
reference_id
reference_type
scores
url	https://github.com/RUB-NDS/Johnny-You-Are-Fired

reference_url	https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
reference_id
reference_type
scores
url	https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf

reference_url	https://sourceforge.net/p/enigmail/bugs/849/
reference_id
reference_type
scores
url	https://sourceforge.net/p/enigmail/bugs/849/

reference_url	http://www.openwall.com/lists/oss-security/2019/04/30/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/04/30/4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::
reference_id	cpe:2.3:a:enigmail:enigmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-15586

reference_id

CVE-2018-15586

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-15586

fixed_packages

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2018-15586

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tqpx-hedp-dfcb

url VCID-ux6a-2384-suf9

vulnerability_id VCID-ux6a-2384-suf9

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17846

reference_id

reference_type

scores

value	0.00782
scoring_system	epss
scoring_elements	0.73776
published_at	2026-04-18T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73768
published_at	2026-04-21T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73678
published_at	2026-04-01T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73687
published_at	2026-04-02T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73711
published_at	2026-04-04T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73683
published_at	2026-04-07T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73718
published_at	2026-04-08T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73731
published_at	2026-04-09T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73752
published_at	2026-04-11T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73735
published_at	2026-04-12T12:55:00Z

value	0.00782
scoring_system	epss
scoring_elements	0.73726
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848

reference_url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
reference_id
reference_type
scores
url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html

reference_url	https://lists.debian.org/debian-security-announce/2017/msg00333.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-security-announce/2017/msg00333.html

reference_url	https://www.debian.org/security/2017/dsa-4070
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4070

reference_url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::
reference_id	cpe:2.3:a:enigmail:enigmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17846

reference_id

CVE-2017-17846

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17846

fixed_packages

url pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

purl pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t5g-b5jt-8yft

vulnerability	VCID-7535-appn-5fhm

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-bz74-1y1q-8qfc

vulnerability	VCID-c5zg-brhd-4ygg

vulnerability	VCID-g4s8-7k7n-c3an

vulnerability	VCID-gqrn-ek3y-hbg1

vulnerability	VCID-mmdw-63mg-2uhm

vulnerability	VCID-tqpx-hedp-dfcb

vulnerability	VCID-ux6a-2384-suf9

vulnerability	VCID-x8dz-d9af-fyg2

vulnerability	VCID-zm59-us92-2bh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2017-17846

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ux6a-2384-suf9

url VCID-x8dz-d9af-fyg2

vulnerability_id VCID-x8dz-d9af-fyg2

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17845

reference_id

reference_type

scores

value	0.00508
scoring_system	epss
scoring_elements	0.66333
published_at	2026-04-21T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66347
published_at	2026-04-18T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66224
published_at	2026-04-01T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66264
published_at	2026-04-02T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.6629
published_at	2026-04-04T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.6626
published_at	2026-04-07T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66308
published_at	2026-04-08T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66321
published_at	2026-04-09T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66341
published_at	2026-04-11T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66328
published_at	2026-04-12T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66297
published_at	2026-04-13T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66332
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848

reference_url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
reference_id
reference_type
scores
url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html

reference_url	https://lists.debian.org/debian-security-announce/2017/msg00333.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-security-announce/2017/msg00333.html

reference_url	https://www.debian.org/security/2017/dsa-4070
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4070

reference_url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::
reference_id	cpe:2.3:a:enigmail:enigmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17845

reference_id

CVE-2017-17845

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17845

fixed_packages

url pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

purl pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t5g-b5jt-8yft

vulnerability	VCID-7535-appn-5fhm

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-bz74-1y1q-8qfc

vulnerability	VCID-c5zg-brhd-4ygg

vulnerability	VCID-g4s8-7k7n-c3an

vulnerability	VCID-gqrn-ek3y-hbg1

vulnerability	VCID-mmdw-63mg-2uhm

vulnerability	VCID-tqpx-hedp-dfcb

vulnerability	VCID-ux6a-2384-suf9

vulnerability	VCID-x8dz-d9af-fyg2

vulnerability	VCID-zm59-us92-2bh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2017-17845

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8dz-d9af-fyg2

url VCID-xbab-79ux-t3bn

vulnerability_id VCID-xbab-79ux-t3bn

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, and SeaMonkey, the worst of which may allow user-assisted
    execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2014-09/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-09/msg00004.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-09/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-09/msg00008.html

reference_url	https://advisories.mageia.org/MGASA-2014-0421.html
reference_id
reference_type
scores
url	https://advisories.mageia.org/MGASA-2014-0421.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-5369

reference_id

reference_type

scores

value	0.00582
scoring_system	epss
scoring_elements	0.68955
published_at	2026-04-21T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68857
published_at	2026-04-01T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68875
published_at	2026-04-02T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68895
published_at	2026-04-04T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68876
published_at	2026-04-07T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68926
published_at	2026-04-08T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68945
published_at	2026-04-09T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68968
published_at	2026-04-11T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68953
published_at	2026-04-12T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68924
published_at	2026-04-13T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68964
published_at	2026-04-16T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68975
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-5369

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369

reference_url	http://secunia.com/advisories/60779
reference_id
reference_type
scores
url	http://secunia.com/advisories/60779

reference_url	http://secunia.com/advisories/60887
reference_id
reference_type
scores
url	http://secunia.com/advisories/60887

reference_url	http://secunia.com/advisories/61854
reference_id
reference_type
scores
url	http://secunia.com/advisories/61854

reference_url	http://sourceforge.net/p/enigmail/bugs/294/
reference_id
reference_type
scores
url	http://sourceforge.net/p/enigmail/bugs/294/

reference_url	http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/
reference_id
reference_type
scores
url	http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/

reference_url	http://www.openwall.com/lists/oss-security/2014/08/18/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/08/18/2

reference_url	http://www.openwall.com/lists/oss-security/2014/08/22/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/08/22/1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail:1.7:::::::*
reference_id	cpe:2.3:a:enigmail:enigmail:1.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail:1.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail:1.7.2:::::::*
reference_id	cpe:2.3:a:enigmail:enigmail:1.7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail:1.7.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-5369

reference_id

CVE-2014-5369

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-5369

reference_url	https://security.gentoo.org/glsa/201504-01
reference_id	GLSA-201504-01
reference_type
scores
url	https://security.gentoo.org/glsa/201504-01

fixed_packages

url pkg:deb/debian/enigmail@2:1.7.2-3

purl pkg:deb/debian/enigmail@2:1.7.2-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t5g-b5jt-8yft

vulnerability	VCID-7535-appn-5fhm

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-bz74-1y1q-8qfc

vulnerability	VCID-c5zg-brhd-4ygg

vulnerability	VCID-f212-18j2-rych

vulnerability	VCID-g4s8-7k7n-c3an

vulnerability	VCID-gqrn-ek3y-hbg1

vulnerability	VCID-mmdw-63mg-2uhm

vulnerability	VCID-tqpx-hedp-dfcb

vulnerability	VCID-ux6a-2384-suf9

vulnerability	VCID-x8dz-d9af-fyg2

vulnerability	VCID-zm59-us92-2bh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.7.2-3

aliases CVE-2014-5369

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbab-79ux-t3bn

url VCID-zm59-us92-2bh1

vulnerability_id VCID-zm59-us92-2bh1

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17843

reference_id

reference_type

scores

value	0.00204
scoring_system	epss
scoring_elements	0.42547
published_at	2026-04-21T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42628
published_at	2026-04-16T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42511
published_at	2026-04-01T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42582
published_at	2026-04-02T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.4261
published_at	2026-04-04T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42549
published_at	2026-04-07T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42601
published_at	2026-04-08T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42612
published_at	2026-04-18T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42634
published_at	2026-04-11T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42597
published_at	2026-04-12T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42569
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848

reference_url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
reference_id
reference_type
scores
url	https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00021.html

reference_url	https://lists.debian.org/debian-security-announce/2017/msg00333.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-security-announce/2017/msg00333.html

reference_url	https://www.debian.org/security/2017/dsa-4070
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4070

reference_url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::
reference_id	cpe:2.3:a:enigmail:enigmail::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:enigmail:enigmail::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17843

reference_id

CVE-2017-17843

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17843

fixed_packages

url pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

purl pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1t5g-b5jt-8yft

vulnerability	VCID-7535-appn-5fhm

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-bz74-1y1q-8qfc

vulnerability	VCID-c5zg-brhd-4ygg

vulnerability	VCID-g4s8-7k7n-c3an

vulnerability	VCID-gqrn-ek3y-hbg1

vulnerability	VCID-mmdw-63mg-2uhm

vulnerability	VCID-tqpx-hedp-dfcb

vulnerability	VCID-ux6a-2384-suf9

vulnerability	VCID-x8dz-d9af-fyg2

vulnerability	VCID-zm59-us92-2bh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.9.9-1~deb8u1

url	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
purl	pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:2.2.4-0.2~deb10u1

aliases CVE-2017-17843

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zm59-us92-2bh1

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/enigmail@2:1.0.1-5

Package Instance