Lucene search
GoogleOSV:CVE-2021-39359HistoryAug 22, 2021 - 7:15 p.m.
CVE-2021-39359
2021-08-2219:15:07
Google
osv.dev
11
gnome
libgda
tls
certificate
verification
vulnerability
mitm
attacks
soupsessionsync
EPSS
0.003
Percentile
70.2%
In GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
References
blogs.gnome.org/mcatanzaro/2021/05/25/reminder-soupsessionsync-and-soupsessionasync-default-to-no-tls-certificate-verification/
github.com/GNOME/libgda/commit/bd7b9568bcd9f6d3e6680bb04323a670c842a62d
gitlab.gnome.org/GNOME/libgda/-/issues/249
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRPPP47WRCAPAEJGRMEKYYJZBQCYXTLQ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLMVVIJNY5NMOT3FH36RFBWOTPVW7GME/
Related
cve
cve
nessus
nessus
SUSE SLED12 / SLES12 Security Update : libgda (SUSE-SU-2022:3016-1)
2022-09-06 00:00:00
AlmaLinux 8 : gfbgraph (ALSA-2022:1801)
2022-05-12 00:00:00
EulerOS Virtualization 3.0.6.0 : grilo (EulerOS-SA-2022-2561)
2022-10-10 00:00:00
cvelist
cvelist
prion
prion
Code injection
2021-08-22 19:15:00
Default credentials
2021-05-25 21:15:00
Code injection
2021-08-22 19:15:00
nvd
nvd
ubuntucve
ubuntucve
debiancve
debiancve
openvas
openvas
Fedora: Security Advisory for libgda (FEDORA-2021-06510d73f1)
2022-01-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3016-1)
2022-09-05 00:00:00
Mageia: Security Advisory (MGASA-2021-0343)
2022-01-28 00:00:00
mageia
mageia
Updated libgrss packages fix security vulnerability
2021-07-12 23:26:21
Updated libgda5.0 packages fix security vulnerability
2022-01-03 10:36:40
Updated gfbgraph packages fix security vulnerability
2021-12-02 19:49:28
alpinelinux
alpinelinux
CVE-2016-20011
2021-05-25 21:15:07
CVE-2021-39365
2021-08-22 22:15:00
veracode
veracode
Insecure Verication
2021-06-08 20:42:11
osv
osv
fedora
fedora
[SECURITY] Fedora 34 Update: libgda-5.2.10-4.fc34
2021-12-31 01:35:09
[SECURITY] Fedora 35 Update: libgda-5.2.10-4.fc35
2021-12-31 01:21:51
redhatcve
redhatcve
amazon
amazon
Medium: libzapojit
2023-07-17 17:40:00
Medium: grilo
2023-10-12 15:09:00