Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-38372 - log back

CVE-2021-38372 edited at 10 Aug 2021 16:24:41

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Man-in-the-middle

Description

+	In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.

References

+	https://bugs.kde.org/show_bug.cgi?id=432353
+	https://nostarttls.secvuln.info/

Notes

CVE-2021-38372 created at 10 Aug 2021 16:23:54