VYPR

Shotwell

by GNOME Foundation

CVEs (2)

  • CVE-2017-1000024HigJul 17, 2017
    risk 0.49cvss 7.5epss 0.01

    Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission

  • CVE-2016-1000033LowOct 25, 2016
    risk 0.24cvss 3.7epss 0.01

    Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.