CVE-2016-10937

IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
imapfilter_projectimapfilter
𝑥
≤ 2.6.12
debiandebian_linux
8.0
opensusebackports_sle
15.0:sp1
opensuseleap
15.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
imapfilter
bullseye
1:2.7.5-1
fixed
buster
no-dsa
stretch
no-dsa
bookworm
1:2.8.1-1
fixed
sid
1:2.8.2+1-0.2
fixed
trixie
1:2.8.2+1-0.2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
imapfilter
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
not-affected
jammy
not-affected
impish
not-affected
hirsute
not-affected
groovy
not-affected
focal
not-affected
eoan
ignored
disco
ignored
bionic
needs-triage
xenial
needs-triage
trusty
Fixed 1:2.5.2-2+deb8u1build0.14.04.1~esm1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00002.html
https://bugs.debian.org/939702
https://github.com/lefcha/imapfilter/issues/142
https://lists.debian.org/debian-lts-announce/2019/10/msg00040.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GBNDFMAIUA6PQMV2P6OKIP7JZQEWX7D2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQUH2TOCNEST7JB2RJVVJT3RZS5XZCFZ/
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00002.html
https://bugs.debian.org/939702
https://github.com/lefcha/imapfilter/issues/142
https://lists.debian.org/debian-lts-announce/2019/10/msg00040.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GBNDFMAIUA6PQMV2P6OKIP7JZQEWX7D2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQUH2TOCNEST7JB2RJVVJT3RZS5XZCFZ/