The Security and Privacy Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mailpile | Mailpile | 0.5.0 (including) | 0.5.0 (including) |
| Mailpile | Mailpile | 0.5.1 (including) | 0.5.1 (including) |
| Mailpile | Mailpile | 0.5.2 (including) | 0.5.2 (including) |
| Mailpile | Mailpile | 1.0.0-rc0 (including) | 1.0.0-rc0 (including) |
| Mailpile | Mailpile | 1.0.0-rc1 (including) | 1.0.0-rc1 (including) |
| Mailpile | Mailpile | 1.0.0-rc2 (including) | 1.0.0-rc2 (including) |
| Mailpile | Mailpile | 1.0.0-rc3 (including) | 1.0.0-rc3 (including) |