VulnerableCode Package Details - pkg:deb/debian/enigmail@2:2.0.7-1?distro=bullseye

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9cm4-mu3q-2yey	security update	CVE-2018-12020
VCID-bz74-1y1q-8qfc	The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.	CVE-2018-12019

Vulnerability

Summary

Aliases

VCID-9cm4-mu3q-2yey

security update

CVE-2018-12020

VCID-bz74-1y1q-8qfc

The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.

CVE-2018-12019

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:16:36.966166+00:00	Debian Importer	Fixing	VCID-9cm4-mu3q-2yey	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:50:55.183353+00:00	Debian Importer	Fixing	VCID-bz74-1y1q-8qfc	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:08:34.836708+00:00	Debian Importer	Fixing	VCID-9cm4-mu3q-2yey	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:49:05.552775+00:00	Debian Importer	Fixing	VCID-bz74-1y1q-8qfc	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:17:57.202752+00:00	Debian Importer	Fixing	VCID-9cm4-mu3q-2yey	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:16:17.947219+00:00	Debian Importer	Fixing	VCID-bz74-1y1q-8qfc	https://security-tracker.debian.org/tracker/data/json	38.1.0