Lucene search

K

GoogleOSV:CVE-2021-26911

HistoryFeb 17, 2021 - 9:15 p.m.

CVE-2021-26911

2021-02-1721:15:12

Google

osv.dev

8

canary mail

ssl certificate validation

imap

AI Score

6.9

Confidence

High

EPSS

0.002

Percentile

61.9%

core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.

References

www.openwall.com/lists/oss-security/2021/02/17/3

apps.apple.com/us/app/canary-mail/id1236045954

census-labs.com/news/2021/02/17/canary-mail-app-missing-certificate-validation-check-on-imap-starttls/

census-labs.com/news/category/advisories/

github.com/canarymail/mailcore2/commit/45acb4efbcaa57a20ac5127dc976538671fce018

www.openwall.com/lists/oss-security/2021/02/17/3

AI Score

6.9

Confidence

High

EPSS

0.002

Percentile

61.9%

Related for OSV:CVE-2021-26911

cvelist1 cve1 prion1 nvd1