AlmaLinux 8 : evolution (ALSA-2021:1752)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1752 advisory. - In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal...

AlmaLinux 8 : evolution (ALSA-2020:4649)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4649 advisory. - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads additiona...

Mageia: Security Advisory (MGASA-2013-0245)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0351)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

evolution, evolution-data-server, evolution-ews bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

evolution, evolution-data-server, evolution-ews bug fix and enhancement update

An update is available for evolution, evolution-ews, evolution-mapi, evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed...

ALBA-2021:4180 evolution, evolution-data-server, evolution-ews bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

NewStart CGSL MAIN 6.02 : evolution-data-server Vulnerability (NS-SA-2021-0128)

The remote NewStart CGSL host, running version MAIN 6.02, has evolution-data-server packages installed that are affected by a vulnerability: - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads...

Advisory ROSA-SA-2021-1831

Software: evolution-data-server 3.28.5 OS: Cobalt 7.9 CVE-ID: CVE-2020-14928 CVE-Crit: MEDIUM CVE-DESC: From evolution-data-server eds to 3.36.3 there is an issue with STARTTLS buffering that affects SMTP and POP3. When the server sends a "start TLS" response, eds reads additional data and...

SUSE: Security Advisory (SUSE-SU-2014:1519-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : evolution (ELSA-2021-1752)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1752 advisory. - Resolves: 1862403 CVE-2020-16117: Crash on malformed server response with minimal capabilities evolution-ews Tenable has extracted the preceding description...

Denial Of Service (DoS)

evolution-data-server is vulnerable to denial of service DoS. The vulnerability exists through a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt...

CentOS 8 : evolution (CESA-2021:1752)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1752 advisory. - evolution-data-server: NULL pointer dereference related to imapxfreecapability and imapxconnecttoserver CVE-2020-16117 Note that Nessus has not tested for thi...

evolution-data-server: NULL pointer dereference related to imapx_free_capability and imapx_connect_to_server

A NULL pointer dereference flaw was found in the GNOME evolution-data-server when a mail client parses invalid messages from a malicious server. This flaw allows an attacker who controls a mail server the ability to crash the mail clients. The highest threat from this vulnerability is to system...

evolution security, bug fix, and enhancement update

An update is available for evolution, evolution-ews, evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Evolution is a GNOME application that...

ALSA-2021:1752 Low: evolution security, bug fix, and enhancement update

Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...

Huawei EulerOS: Security Advisory for evolution-data-server (EulerOS-SA-2021-1780)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : evolution-data-server (EulerOS-SA-2021-1780)

According to the version of the evolution-data-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a 'begin TLS...

openSUSE: Security Advisory for evolution-data-server (openSUSE-SU-2021:0482-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

The vulnerability of the evolution-data-server database server, related to insufficient neutralization of special elements in queries, allows attackers to compromise data integrity.

The vulnerability of the evolution-data-server database server is related to a STARTTLS framing error, which can affect SMTP and POP3 protocols. Exploiting this vulnerability allows an attacker to compromise the integrity of data...