Offlineimap - Offlineimap CVE

Filtered by vendor Offlineimap Subscribe

Filtered by product Offlineimap

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2010-4533	2 Debian, Offlineimap	2 Debian Linux, Offlineimap	2024-02-28	7.5 HIGH	9.8 CRITICAL
offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.
CVE-2010-4532	2 Debian, Offlineimap	2 Debian Linux, Offlineimap	2024-02-28	4.3 MEDIUM	5.9 MEDIUM
offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.

Vulnerabilities (CVE)