CVE-2021-39361 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Man-in-the-middle |
| Description | In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2310 | evolution-rss | 0.3.96-5 | Medium | Vulnerable |