Skip to main content

Geary

2 CVEs product

Monthly

CVE-2020-24661 MEDIUM POC This Month

GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Geary Fedora
NVD
CVSS 3.1
5.9
EPSS
0.9%
CVE-2014-5444 MEDIUM PATCH This Month

Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Geary
NVD
CVSS 2.0
4.3
EPSS
0.1%
EPSS 1% CVSS 5.9
MEDIUM POC This Month

GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Geary Fedora
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Geary
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy