CVE-2021-39358
In GNOME libgfbgraph up to version 0.2.4, gfbgraph-photo.c creates SoupSessionSync objects without enabling TLS certificate verification, exposing users to network MITM attacks. This is the vulnerability described as CVE-2021-39358. The issue is tied to not verifying TLS certificates in the sessi...