Unrated severityNVD Advisory· Published Jul 29, 2020· Updated Aug 4, 2024
CVE-2020-16118
CVE-2020-16118
Description
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- GNOME/Balsadescription
- Range: <2.6.0
- osv-coords2 versionspkg:rpm/opensuse/balsa&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/balsa&distro=SUSE%20Package%20Hub%2015%20SP1
< 2.5.5-lp151.3.3.1+ 1 more
- (no CPE)range: < 2.5.5-lp151.3.3.1
- (no CPE)range: < 2.5.5-bp151.4.3.1
Patches
Vulnerability mechanics
References
4- lists.opensuse.org/opensuse-security-announce/2020-08/msg00035.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-08/msg00045.htmlmitrevendor-advisoryx_refsource_SUSE
- gitlab.gnome.org/GNOME/balsa/-/commit/4e245d758e1c826a01080d40c22ca8706f0339e5mitrex_refsource_MISC
- gitlab.gnome.org/GNOME/balsa/-/issues/23mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.