CVE-2021-39360
22.08.2021, 19:15
In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gnome | libzapojit | 𝑥 ≤ 0.0.3 |
𝑥
= Vulnerable software versions
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libzapojit-0_0-0 |
| ||||||||||||||||
| typelib-1_0-Zpj-0_0 |
|
Common Weakness Enumeration
References