VYPR

rpm package

suse/evolution&distro=SUSE Linux Enterprise Software Development Kit 12 SP5

pkg:rpm/suse/evolution&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Vulnerabilities (2)

  • CVE-2020-11879Apr 17, 2020
    affected < 3.22.6-19.14.1fixed 3.22.6-19.14.1

    An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning

  • CVE-2018-15587Feb 11, 2019
    affected < 3.22.6-19.9.1fixed 3.22.6-19.9.1

    GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.