CVE-2020-15047

MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.
References
Link Resource
https://bugs.kde.org/show_bug.cgi?id=423453 Issue Tracking Patch Third Party Advisory
https://gerrit.vesnicky.cesnet.cz/r/1035 Patch Third Party Advisory
https://bugs.kde.org/show_bug.cgi?id=423453 Issue Tracking Patch Third Party Advisory
https://gerrit.vesnicky.cesnet.cz/r/1035 Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:trojita_project:trojita:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:04

Type Values Removed Values Added
References () https://bugs.kde.org/show_bug.cgi?id=423453 - Issue Tracking, Patch, Third Party Advisory () https://bugs.kde.org/show_bug.cgi?id=423453 - Issue Tracking, Patch, Third Party Advisory
References () https://gerrit.vesnicky.cesnet.cz/r/1035 - Patch, Third Party Advisory () https://gerrit.vesnicky.cesnet.cz/r/1035 - Patch, Third Party Advisory

Information

Published : 2020-06-25 11:15

Updated : 2024-11-21 05:04


NVD link : CVE-2020-15047

Mitre link : CVE-2020-15047

CVE.ORG link : CVE-2020-15047


JSON object : View

Products Affected

trojita_project

  • trojita
CWE
CWE-295

Improper Certificate Validation