rpm package
suse/evolution&distro=SUSE Linux Enterprise Workstation Extension 12 SP5
pkg:rpm/suse/evolution&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-11879 | — | < 3.22.6-19.14.1 | 3.22.6-19.14.1 | Apr 17, 2020 | An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning | ||
| CVE-2018-15587 | — | < 3.22.6-19.9.1 | 3.22.6-19.9.1 | Feb 11, 2019 | GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment. |
- CVE-2020-11879Apr 17, 2020affected < 3.22.6-19.14.1fixed 3.22.6-19.14.1
An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning
- CVE-2018-15587Feb 11, 2019affected < 3.22.6-19.9.1fixed 3.22.6-19.9.1
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.