CVE-2021-39358

2021-08-24T14:18:39
ID RH:CVE-2021-39358
Type redhatcve
Reporter redhat.com
Modified 2021-08-27T11:32:03

Description

In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.