Vulnerabilities > Getmail > Getmail > 4.44.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-08 | CVE-2014-7275 | Cryptographic Issues vulnerability in Getmail The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate. | 5.8 |
2014-10-08 | CVE-2014-7274 | Cryptographic Issues vulnerability in Getmail 4.44.0 The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate from a recognized Certification Authority. | 5.8 |