Search CVE reports


Toggle filters

1 – 4 of 4 results


CVE-2020-16118

Low priority
Needs evaluation

In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.

1 affected package

balsa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
balsa Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2020-13645

Medium priority
Fixed

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server’s TLS certificate if the application fails to specify the expected server identity. This is in contrast...

2 affected packages

balsa, glib-networking

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
balsa Fixed Not affected Not affected
glib-networking Fixed Fixed Fixed
Show less packages

CVE-2007-5007

Medium priority

Some fixes available 4 of 8

Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command.

1 affected package

balsa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
balsa
Show less packages

CVE-2003-0167

Unknown priority
Fixed

1 affected package

balsa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
balsa
Show less packages