2 matches found
CVE-2014-2014
CVE-2014-2014 affects imapsync prior to 1.584 when using --tls: on certificate verification failure it may fall back to a cleartext login, risking credentials sniffed over the network. Public sources (NVD) document a CVSS v2 base score of 4.3 (Medium) with network attack vector and no authenticat...
CVE-2013-4279
The CVE-2013-4279 entry concerns imapsync where the release check runs by default and transmits sensitive information (imapsync version, OS, and Perl version) to the developer site. Connected advisories confirm that the vulnerability affects imapsync up to version 1.564 and earlier, with remediat...