Vulnerabilities

CVE-2020-14928

by Fred · 17/07/2020

evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."

Date published : 2020-07-17

https://bugzilla.suse.com/show_bug.cgi?id=1173910

https://gitlab.gnome.org/GNOME//evolution-data-server/commit/ba82be72cfd427b5d72ff21f929b3a6d8529c4df

Similar

Tags: Cybersecurity Alert