EUVD-2021-25726

Malware in sbrugna...

SUSE CVE-2021-39365

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

EulerOS Virtualization 3.0.2.6 : grilo (EulerOS-SA-2023-1087)

According to the versions of the grilo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates,...

AlmaLinux 8 : grilo (ALSA-2021:4339)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4339 advisory. - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to...

Oracle Linux 8 : grilo (ELSA-2021-4339)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4339 advisory. 0.3.6-3 + grilo-0.3.6-3 - Fix TLS not being validated correctly - Resolves: rhbz1997234 Tenable has extracted the preceding description block directly from the...

OESA-2021-1346 grilo security update

Grilo is a framework focused on making media discovery and browsing easy for application developers. Security Fixes: In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : GNOME grilo vulnerability (USN-5055-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5055-1 advisory. Michael Catanzaro discovered that grilo incorrectly handled certain TLS certificate verification. An attacker could possibly use this issu...

USN-5055-1: GNOME grilo vulnerability

Michael Catanzaro discovered that grilo incorrectly handled certain TLS certificate verification. An attacker could possibly use this issue to MITM attacks...

Debian DSA-4964-1 : grilo - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-4964 advisory. - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network...

CVE-2021-39365

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

CVE-2021-39365

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

CVE-2021-39365

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

Code injection

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

Gitlab Grilo信任管理问题漏洞

Gitlab Grilo is a framework for browsing and searching media content from a variety of sources using a single API. A security vulnerability exists in GNOME grilo 0.3.13 and earlier versions, which stems from the program grl-net-wc.c not enabling TLS certificate validation on the SoupSessionAsync...

PT-2021-22568 · Gnome +8 · Gnome Grilo +8

Name of the Vulnerable Software and Affected Versions: GNOME grilo versions prior to 0.3.14 Description: The issue is related to the lack of TLS certificate verification in the SoupSessionAsync objects created by grl-net-wc.c, making users susceptible to network man-in-the-middle MITM attacks...