CVE-2020-11879
17.04.2020, 18:15
An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as demonstrated by an attach=. value.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gnome | evolution | 𝑥 < 3.35.91 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| evolution |
| ||
| evolution-bogofilter |
| ||
| evolution-debuginfo |
| ||
| evolution-devel |
| ||
| evolution-devel-docs |
| ||
| evolution-help |
| ||
| evolution-langpacks |
| ||
| evolution-pst |
| ||
| evolution-spamassassin |
|
References