{"url":"http://public2.vulnerablecode.io/api/packages/49673?format=json","purl":"pkg:deb/debian/kmail-account-wizard@4:20.08.3-1%2Bdeb11u1?distro=trixie","type":"deb","namespace":"debian","name":"kmail-account-wizard","version":"4:20.08.3-1+deb11u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4:22.12.3-1+deb12u1","latest_non_vulnerable_version":"4:25.12.3-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56707?format=json","vulnerability_id":"VCID-47ty-3kbw-dyhy","summary":"ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is related to kmail-account-wizard.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50624","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12807","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12904","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50624"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086198","reference_id":"1086198","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086198"},{"reference_url":"https://kde.org/announcements/megarelease/6/","reference_id":"6","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T20:20:47Z/"}],"url":"https://kde.org/announcements/megarelease/6/"},{"reference_url":"https://invent.kde.org/pim/kmail-account-wizard/-/commit/9784f5ab41c3aff435d4a88afb25585180a62ee4","reference_id":"9784f5ab41c3aff435d4a88afb25585180a62ee4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T20:20:47Z/"}],"url":"https://invent.kde.org/pim/kmail-account-wizard/-/commit/9784f5ab41c3aff435d4a88afb25585180a62ee4"},{"reference_url":"https://bugs.kde.org/show_bug.cgi?id=487882","reference_id":"show_bug.cgi?id=487882","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T20:20:47Z/"}],"url":"https://bugs.kde.org/show_bug.cgi?id=487882"},{"reference_url":"https://invent.kde.org/pim/kmail/-/tags","reference_id":"tags","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T20:20:47Z/"}],"url":"https://invent.kde.org/pim/kmail/-/tags"},{"reference_url":"https://usn.ubuntu.com/7729-1/","reference_id":"USN-7729-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7729-1/"},{"reference_url":"https://usn.ubuntu.com/7732-1/","reference_id":"USN-7732-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7732-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/49670?format=json","purl":"pkg:deb/debian/kmail-account-wizard@4:20.08.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kmail-account-wizard@4:20.08.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49673?format=json","purl":"pkg:deb/debian/kmail-account-wizard@4:20.08.3-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kmail-account-wizard@4:20.08.3-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49668?format=json","purl":"pkg:deb/debian/kmail-account-wizard@4:22.12.3-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kmail-account-wizard@4:22.12.3-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49674?format=json","purl":"pkg:deb/debian/kmail-account-wizard@4:24.12.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kmail-account-wizard@4:24.12.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49672?format=json","purl":"pkg:deb/debian/kmail-account-wizard@4:24.12.3-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kmail-account-wizard@4:24.12.3-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49671?format=json","purl":"pkg:deb/debian/kmail-account-wizard@4:25.12.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kmail-account-wizard@4:25.12.3-1%3Fdistro=trixie"}],"aliases":["CVE-2024-50624"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47ty-3kbw-dyhy"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kmail-account-wizard@4:20.08.3-1%252Bdeb11u1%3Fdistro=trixie"}