Unrated severityNVD Advisory· Published Jul 29, 2020· Updated Aug 4, 2024
CVE-2020-16117
CVE-2020-16117
Description
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13- GNOME/evolution-data-serverdescription
- Range: <3.35.91
- osv-coords11 versionspkg:rpm/almalinux/evolution-data-server-docpkg:rpm/almalinux/evolution-data-server-perlpkg:rpm/almalinux/evolution-data-server-testspkg:rpm/almalinux/evolution-develpkg:rpm/opensuse/evolution-data-server&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/evolution-data-server&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/evolution-ews&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/evolution-data-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/evolution-data-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/evolution-data-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2pkg:rpm/suse/evolution-ews&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2
< 3.28.5-15.el8+ 10 more
- (no CPE)range: < 3.28.5-15.el8
- (no CPE)range: < 3.28.5-15.el8
- (no CPE)range: < 3.28.5-15.el8
- (no CPE)range: < 3.28.5-16.el8
- (no CPE)range: < 3.34.4-lp152.2.3.1
- (no CPE)range: < 3.40.4-1.4
- (no CPE)range: < 3.34.4-lp152.2.3.1
- (no CPE)range: < 3.22.7-18.7.1
- (no CPE)range: < 3.20.6-17.3.1
- (no CPE)range: < 3.34.4-3.3.1
- (no CPE)range: < 3.34.4-3.3.1
Patches
Vulnerability mechanics
References
4- gitlab.gnome.org/GNOME/evolution-data-server/-/commit/2cc39592b532cf0dc994fd3694b8e6bf924c9ab5mitrex_refsource_MISC
- gitlab.gnome.org/GNOME/evolution-data-server/-/commit/627c3cdbfd077e59aa288c85ff8272950577f1d7mitrex_refsource_MISC
- gitlab.gnome.org/GNOME/evolution-data-server/-/issues/189mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2020/08/msg00005.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.