19 matches found
EUVD-2021-25719
Malware in sbrugna...
Rocky Linux 8 : gfbgraph (RLSA-2022:1801)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1801 advisory. - In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users...
SUSE CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
Man In The Middle (MitM)
libgfbgraph is vulnerable to man in the middle attack. The vulnerability exists due to a disabled TLS certificate verification on the SoupSessionSync objects allowing an attacker to bypass the certificate verification...
AlmaLinux 8 : gfbgraph (ALSA-2022:1801)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1801 advisory. - In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users...
MGASA-2021-0530 Updated gfbgraph packages fix security vulnerability
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
Updated gfbgraph packages fix security vulnerability
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
DEBIAN-CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
Code injection
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
UBUNTU-CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
CVE-2021-39358
In GNOME libgfbgraph up to version 0.2.4, gfbgraph-photo.c creates SoupSessionSync objects without enabling TLS certificate verification, exposing users to network MITM attacks. This is the vulnerability described as CVE-2021-39358. The issue is tied to not verifying TLS certificates in the sessi...
CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
GNOME libgfbgraph 信任管理问题漏洞
libgfbgraph is the GObject library for the Facebook Graph API. A security vulnerability exists in GNOME libgfbgraph, which stems from the fact that in GNOME libgfbgraph version 0.2.4, gfbgraph-photo.c does not enable TLS certificate validation on the SoupSessionSync object it creates. An attacker...
PT-2021-22564 · Gnome +7 · Gnome Libgfbgraph +7
Name of the Vulnerable Software and Affected Versions: GNOME libgfbgraph versions prior to 0.2.5 Description: The issue is related to the lack of TLS certificate verification in the SoupSessionSync objects created by gfbgraph-photo.c, making users susceptible to network man-in-the-middle MITM...