13 matches found
CVE-2026-13324
A vulnerability has been identified in the GNOME Geary package within its mailto URI handling component. This flaw occurs because the email client automatically processes a non-standard attach parameter in email links without prompting or alerting the user. An attacker could exploit this by...
EUVD-2020-17375
Malware in sbrugna...
SUSE CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
Updated geary package fixes a security vulnerability
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
Code injection
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
UBUNTU-CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...
CVE-2020-24661
CVE-2020-24661 affects GNOME Geary prior to 3.36.3. The issue stems from mishandling of pinned TLS certificate verification for IMAP/SMTP when the client is not configured to use a system PKCS#11 store, allowing a MITM to present an invalid certificate and intercept mail. Public sources in the co...
CVE-2020-24661
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...