Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-39358

Опубликовано: 22 авг. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.9

Описание

In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
hirsute

ignored

end of life
impish

ignored

end of life

Показывать по

EPSS

Процентиль: 56%
0.00331
Низкий

4.3 Medium

CVSS2

5.9 Medium

CVSS3

Связанные уязвимости

CVSS3: 7.5
redhat
почти 4 года назад

In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

CVSS3: 5.9
nvd
почти 4 года назад

In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

CVSS3: 5.9
debian
почти 4 года назад

In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable T ...

suse-cvrf
почти 3 года назад

Security update for gfbgraph

rocky
около 3 лет назад

Moderate: gfbgraph security update

EPSS

Процентиль: 56%
0.00331
Низкий

4.3 Medium

CVSS2

5.9 Medium

CVSS3