Vulnerabilities > Gnome > Balsa > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-28 | CVE-2020-13645 | Improper Certificate Validation vulnerability in multiple products In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. | 6.5 |
2007-12-12 | CVE-2007-5007 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gnome Balsa Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command. | 6.8 |