11 matches found
Medium: evolution
Issue Overview: An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to th...
Medium: evolution
Issue Overview: An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to th...
Linux Distros Unpatched Vulnerability : CVE-2020-11879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 mailto?attach=... parameter, a website or other source of mailto...
RHEL 7 : evolution (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - evolution: attaching local filed/directories to composed email can lead to unintended information disclosure...
RHEL 8 : evolution (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - evolution: attaching local filed/directories to composed email can lead to unintended information disclosure...
SUSE SLED12 / SLES12 Security Update : evolution (SUSE-SU-2023:3375-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3375-1 advisory. - CVE-2020-11879: Fixed issue where websites can attach local files to emails by using a proprietary parameter without...
SUSE-SU-2023:3375-1 Security update for evolution
This update for evolution fixes the following issues: - CVE-2020-11879: Fixed issue where websites can attach local files to emails by using a proprietary parameter without warning the user bsc1169843. - Fix some warnings with newer WebKit - Handle frame flattening change in WebKitGTK 2.40...
Advisory ROSA-SA-2021-1830
Software: evolution 3.28.5 OS: Cobalt 7.9 CVE-ID: CVE-2020-11879 CVE-Crit: MEDIUM CVE-DESC: A problem was found in GNOME Evolution before 3.35.91. Using the proprietary not RFC6068 parameter mailto? Attach = ..., a website or other mailto link source could cause Evolution to attach local files or...
CVE-2020-11879
An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...
CVE-2020-11879
An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...
CVE-2020-11879
CVE-2020-11879 affects GNOME Evolution prior to 3.35.91. A malicious or misleading website can abuse the non‑RFC6068 mailto?attach=… parameter to attach local files or directories to a composed email without warning, enabling potential information disclosure. The issue is triggered by using a pro...