OpenPGP, S/MIME Mail Client Vulnerabilities

Original release date: May 14, 2018

The CERT Coordination Center (CERT/CC) has released information on email client vulnerabilities that can reveal plaintext versions of OpenPGP- and S/MIME-encrypted emails. A remote attacker could exploit these vulnerabilities to obtain sensitive information.

NCCIC encourages users and administrators to review CERT/CC’s Vulnerability Note VU #122919, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available.


This product is provided subject to this Notification and this Privacy & Use policy.