Описание
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
Релиз | Статус | Примечание |
---|---|---|
bionic | ignored | end of standard support, was needs-triage |
devel | DNE | |
esm-apps/bionic | needs-triage | |
esm-apps/focal | needs-triage | |
esm-apps/jammy | needs-triage | |
esm-apps/xenial | needs-triage | |
esm-infra-legacy/trusty | DNE | |
focal | ignored | end of standard support, was needs-triage |
hirsute | ignored | end of life |
impish | ignored | end of life |
Показывать по
EPSS
4.3 Medium
CVSS2
5.9 Medium
CVSS3
Связанные уязвимости
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable T ...
EPSS
4.3 Medium
CVSS2
5.9 Medium
CVSS3