CVE-2016-1000033

Опубликовано: 25 окт. 2016

Источник: nvd

CVSS3: 3.7

CVSS2: 4.3

EPSS Низкий

Описание

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.

Ссылки

https://bugzilla.gnome.org/show_bug.cgi?id=754488
Issue Tracking
https://bugzilla.gnome.org/show_bug.cgi?id=754488
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gnome:shotwell:0.22.0:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00412

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-295

Связанные уязвимости

CVE-2016-1000033

CVSS3: 3.7

ubuntu

больше 9 лет назад

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.

CVE-2016-1000033

CVSS3: 3.1

redhat

больше 10 лет назад

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.

CVE-2016-1000033

CVSS3: 3.7

debian

больше 9 лет назад

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to ...

GHSA-9hvv-q3hq-r4f2

CVSS3: 3.7

github

больше 3 лет назад

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.

EPSS

Процентиль: 61%

0.00412

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-295