AVG-2307 log

Package gfbgraph
Status Vulnerable
Severity High
Type man-in-the-middle
Affected 0.2.4-1
Fixed Unknown
Current 0.2.4-1 [extra]
Ticket Create
Created Mon Aug 23 10:59:06 2021
Issue Severity Remote Type Description
CVE-2021-39358 High Yes Man-in-the-middle
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users...