2 matches found
CVE-2010-4532
offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks...
CVE-2010-4532
CVE-2010-4532 affects offlineimap prior to 6.3.2. The issue is that SSL certificate validation is not performed when the option “ssl = yes” is used, enabling potential man-in-the-middle attacks. This is caused by missing certificate validation in the SSL path of the client. Impact is limited to c...