Yes, the efail vulnerability is specifically that a maliciously crafted e-mail could cause an e-mail client to inject decrypted cleartext into URLs in HTML content (like an <img src>) - thus exposing the cleartext to the server hosting that URL.
Pass is not affected. /Emil On Mon, 21 May 2018, 11:21 Ben Oliver, <[email protected]> wrote: > On 18-05-21 12:07:30, Vlad Nastasiu wrote: > >Hello, > > > >I have a noob question: does the efail vuln affects password store in any > >way? > >https://efail.de/ > > I am by no means an authority on it but from what I gather it's a > problem with how Mail Clients read HTML. Shouldn't be an issue with > pass. > _______________________________________________ > Password-Store mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/password-store >
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
