Search CVE reports
1 – 4 of 4 results
CVE-2020-16118
Low priorityIn GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.
1 affected package
balsa
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
balsa | Not affected | Not affected | Not affected | Needs evaluation | Needs evaluation |
CVE-2020-13645
Medium priorityIn GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server’s TLS certificate if the application fails to specify the expected server identity. This is in contrast...
2 affected packages
balsa, glib-networking
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
balsa | — | — | Fixed | Not affected | Not affected |
glib-networking | — | — | Fixed | Fixed | Fixed |
CVE-2007-5007
Medium prioritySome fixes available 4 of 8
Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command.
1 affected package
balsa
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
balsa | — | — | — | — | — |
CVE-2003-0167
Unknown priority1 affected package
balsa
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
balsa | — | — | — | — | — |