CVE-2025-71063

Errands before 46.2.10 does not verify TLS certificates for CalDAV servers.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.2 HIGH
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
mitreCNA
8.2 HIGH
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
errands
trixie
no-dsa
forky
46.2.10-1
fixed
sid
46.2.10-1
fixed
Common Weakness Enumeration
References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123738
https://github.com/mrvladus/Errands/commit/04e567b432083fc798ea2249363ea6c83ff01099
https://github.com/mrvladus/Errands/compare/46.2.9...46.2.10
https://github.com/mrvladus/Errands/issues/401
https://github.com/mrvladus/Errands/releases/tag/46.2.10