CVE List

CVE-2020-16118

Critical 7.5

In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.

Published July 29, 2020.

Affected software

Gnome Balsa

Reference links

Sign Up for Alerts