The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
| package | channel | channel version | pkg version | status |
| kdeApplications.kmail | ||||
| nixos-unstable | ||||
| 2020-12-30 13:40:40 UTC (733e53) | vulnerable | |||
| 2020-12-28 03:35:23 UTC (2f4765) | vulnerable | |||
| 2020-12-26 19:40:21 UTC (84917a) | vulnerable | |||
| 2020-12-25 22:30:40 UTC (be0b45) | vulnerable | |||
| 2020-12-24 11:50:43 UTC (57a787) | vulnerable | |||
| kmail | ||||
| nixos-unstable | ||||
| 2020-12-30 13:40:40 UTC (733e53) | vulnerable | |||
| 2020-12-28 03:35:23 UTC (2f4765) | vulnerable | |||
| 2020-12-26 19:40:21 UTC (84917a) | vulnerable | |||
| 2020-12-25 22:30:40 UTC (be0b45) | vulnerable | |||
| 2020-12-24 11:50:43 UTC (57a787) | vulnerable | |||
| libsForQt5.kmail | ||||
| nixos-unstable | ||||
| 2020-12-30 13:40:40 UTC (733e53) | vulnerable | |||
| 2020-12-28 03:35:23 UTC (2f4765) | vulnerable | |||
| 2020-12-26 19:40:21 UTC (84917a) | vulnerable | |||
| 2020-12-25 22:30:40 UTC (be0b45) | vulnerable | |||
| 2020-12-24 11:50:43 UTC (57a787) | vulnerable | |||
| libsForQt512.kmail | ||||
| nixos-unstable | ||||
| 2020-12-30 13:40:40 UTC (733e53) | vulnerable | |||
| 2020-12-28 03:35:23 UTC (2f4765) | vulnerable | |||
| 2020-12-26 19:40:21 UTC (84917a) | vulnerable | |||
| 2020-12-25 22:30:40 UTC (be0b45) | vulnerable | |||
| 2020-12-24 11:50:43 UTC (57a787) | vulnerable | |||
| libsForQt514.kmail | ||||
| nixos-unstable | ||||
| 2020-12-30 13:40:40 UTC (733e53) | vulnerable | |||
| 2020-12-28 03:35:23 UTC (2f4765) | vulnerable | |||
| 2020-12-26 19:40:21 UTC (84917a) | vulnerable | |||
| 2020-12-25 22:30:40 UTC (be0b45) | vulnerable | |||
| 2020-12-24 11:50:43 UTC (57a787) | vulnerable |