Skip to main content

Evolution Data Server

2 CVEs product

Monthly

CVE-2020-16117 MEDIUM POC PATCH This Month

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Null Pointer Dereference Denial Of Service Evolution Data Server Debian Linux
NVD
CVSS 3.1
5.9
EPSS
2.1%
CVE-2020-14928 MEDIUM POC PATCH This Month

evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Code Injection Evolution Data Server Debian Linux Fedora Ubuntu Linux
NVD
CVSS 3.1
5.9
EPSS
2.8%
EPSS 2% CVSS 5.9
MEDIUM POC PATCH This Month

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Null Pointer Dereference Denial Of Service Evolution Data Server +1
NVD
EPSS 3% CVSS 5.9
MEDIUM POC PATCH This Month

evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Code Injection Evolution Data Server Debian Linux +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy