|
1172935
|
SUSE Security Incidents
|
Incidents
|
security-team
|
RESO
|
FIXE
|
VUL-0: CVE-2020-14093: mutt,neomutt: IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response
|
2023-10-13
|
|
1173197
|
SUSE Security Incidents
|
Incidents
|
security-team
|
RESO
|
FIXE
|
VUL-0: CVE-2020-14954: mutt,neomutt: STARTTLS buffering issue allowing MITM of IMAP, SMTP and POP3
|
2023-10-13
|
|
1173910
|
SUSE Security Incidents
|
Incidents
|
security-team
|
RESO
|
FIXE
|
VUL-0: CVE-2020-14928: evolution-data-server: Response Injection via STARTTLS in SMTP and POP3
|
2021-08-09
|
|
1174457
|
openSUSE Distribution
|
Security
|
security-team
|
RESO
|
FIXE
|
VUL-1: CVE-2020-15917: claws-mail: protocol violation because suffix data after STARTTLS is mishandled
|
2021-08-09
|
|
1174579
|
openSUSE Distribution
|
Security
|
forgotten_4yKfwBnymp
|
RESO
|
FIXE
|
VUL-0: CVE-2020-15953: libetpan: response injection via STARTTLS in IMAP
|
2021-08-09
|
|
1174580
|
openSUSE Distribution
|
Security
|
opensuse-kde-bugs
|
NEW
|
---
|
VUL-0: CVE-2020-15954: kmail: engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use
|
2021-08-09
|
|
1174711
|
openSUSE Distribution
|
Security
|
security-team
|
RESO
|
FIXE
|
VUL-1: CVE-2020-16118: balsa: a malicious server or MITM can trigger a NULL pointer dereference
|
2021-08-09
|
|
1174712
|
SUSE Security Incidents
|
Incidents
|
security-team
|
RESO
|
FIXE
|
VUL-1: CVE-2020-16117: evolution-data-server: a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid CAPABILITY line
|
2021-08-09
|
|
1181414
|
SUSE Security Incidents
|
Incidents
|
cgrobertson
|
RESO
|
FIXE
|
VUL-0: CVE-2021-23953,CVE-2021-23954,CVE-2020-26976,CVE-2021-23960,CVE-2021-23964: MozillaFirefox,MozillaThunderbird: Update to 78.7 ESR /85 (MFSA 2021-3, MFSA 2021-4)
|
2022-09-06
|
|
1187419
|
SUSE Security Incidents
|
Incidents
|
security-team
|
RESO
|
FIXE
|
VUL-0: CVE-2021-33515: dovecot,dovecot22,dovecot23: Attacker can potentially steal user credentials and mails
|
2022-08-18
|
|
1188275
|
SUSE Security Incidents
|
Incidents
|
martin.sirringhaus
|
RESO
|
FIXE
|
VUL-0: MozillaFirefox,MozillaThunderbird: update to 90 and 78.12.0esr
|
2022-09-06
|
|
1189314
|
SUSE Security Incidents
|
Incidents
|
security-team
|
NEW
|
---
|
VUL-1: CVE-2021-38371: exim: The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.
|
2021-08-11
|
|
1189316
|
SUSE Security Incidents
|
Incidents
|
security-team
|
RESO
|
FIXE
|
VUL-1: CVE-2021-38370: alpine: In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS.
|
Tue 09:31
|
|
1189634
|
openSUSE Distribution
|
Other
|
security-team
|
RESO
|
FIXE
|
VUL-1: CVE-2021-3716: nbdkit: STARTTLS vulnerability for nbdkit
|
2022-02-22
|
|
1189820
|
SUSE Security Incidents
|
Incidents
|
kde-maintainers
|
RESO
|
INVA
|
VUL-1: CVE-2021-38372: trojita: man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.
|
Tue 09:10
|
|
1190069
|
SUSE Security Incidents
|
Incidents
|
security-team
|
RESO
|
WONT
|
VUL-0: CVE-2021-39272: fetchmail: STARTTLS session encryption bypassing
|
2022-09-30
|
|
1190174
|
SUSE Security Incidents
|
Incidents
|
kde-maintainers
|
NEW
|
---
|
VUL-0: CVE-2021-38373: kmail: STARTTLS is ignored when "Server requires authentication" not checked in UI
|
2021-09-03
|
