Vulnerabilities > Gnome > Evolution > 3.20.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-01 | CVE-2021-3349 | Insufficient Verification of Data Authenticity vulnerability in Gnome Evolution GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. | 3.3 |
| 2020-04-17 | CVE-2020-11879 | Unspecified vulnerability in Gnome Evolution An issue was discovered in GNOME Evolution before 3.35.91. | 6.5 |
| 2019-02-11 | CVE-2018-15587 | Improper Verification of Cryptographic Signature vulnerability in multiple products GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment. | 6.5 |
| 2018-07-20 | CVE-2016-10727 | Information Exposure vulnerability in multiple products camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | 9.8 |
| 2018-06-15 | CVE-2018-12422 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Evolution addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. | 9.8 |