Vulnerabilities > Gnome > Shotwell

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-1000024 Cleartext Transmission of Sensitive Information vulnerability in Gnome Shotwell
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
network
low complexity
gnome CWE-319
5.0
2016-10-25 CVE-2016-1000033 Improper Certificate Validation vulnerability in multiple products
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
network
gnome redhat CWE-295
4.3