Описание
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 0.5.0 (включая)
cpe:2.3:a:yorba:geary:*:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00147
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
ubuntu
больше 11 лет назад
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate.
debian
больше 11 лет назад
Geary before 0.6.3 does not present the user with a warning when a TLS ...
github
больше 3 лет назад
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate.
EPSS
Процентиль: 35%
0.00147
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-310