vulnerability
SUSE: CVE-2020-14928: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Jul 17, 2020 | Mar 20, 2021 | Feb 4, 2022 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jul 17, 2020
Added
Mar 20, 2021
Modified
Feb 4, 2022
Description
evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."
Solutions
suse-upgrade-evolution-data-serversuse-upgrade-evolution-data-server-32bitsuse-upgrade-evolution-data-server-develsuse-upgrade-evolution-data-server-langsuse-upgrade-evolution-ewssuse-upgrade-evolution-ews-langsuse-upgrade-libcamel-1_2-57suse-upgrade-libcamel-1_2-59suse-upgrade-libcamel-1_2-59-32bitsuse-upgrade-libcamel-1_2-62suse-upgrade-libcamel-1_2-62-32bitsuse-upgrade-libebackend-1_2-10suse-upgrade-libebackend-1_2-10-32bitsuse-upgrade-libebook-1_2-16suse-upgrade-libebook-1_2-16-32bitsuse-upgrade-libebook-1_2-20suse-upgrade-libebook-1_2-20-32bitsuse-upgrade-libebook-contacts-1_2-2suse-upgrade-libebook-contacts-1_2-2-32bitsuse-upgrade-libebook-contacts-1_2-3suse-upgrade-libebook-contacts-1_2-3-32bitsuse-upgrade-libecal-1_2-19suse-upgrade-libecal-1_2-19-32bitsuse-upgrade-libecal-2_0-1suse-upgrade-libecal-2_0-1-32bitsuse-upgrade-libedata-book-1_2-25suse-upgrade-libedata-book-1_2-25-32bitsuse-upgrade-libedata-book-1_2-26suse-upgrade-libedata-book-1_2-26-32bitsuse-upgrade-libedata-cal-1_2-28suse-upgrade-libedata-cal-1_2-28-32bitsuse-upgrade-libedata-cal-2_0-1suse-upgrade-libedata-cal-2_0-1-32bitsuse-upgrade-libedataserver-1_2-21suse-upgrade-libedataserver-1_2-22suse-upgrade-libedataserver-1_2-22-32bitsuse-upgrade-libedataserver-1_2-24suse-upgrade-libedataserver-1_2-24-32bitsuse-upgrade-libedataserverui-1_2-1suse-upgrade-libedataserverui-1_2-2suse-upgrade-libedataserverui-1_2-2-32bitsuse-upgrade-typelib-1_0-camel-1_2suse-upgrade-typelib-1_0-ebackend-1_2suse-upgrade-typelib-1_0-ebook-1_2suse-upgrade-typelib-1_0-ebookcontacts-1_2suse-upgrade-typelib-1_0-ecal-2_0suse-upgrade-typelib-1_0-edatabook-1_2suse-upgrade-typelib-1_0-edatacal-2_0suse-upgrade-typelib-1_0-edataserver-1_2suse-upgrade-typelib-1_0-edataserverui-1_2
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.