CVE-2020-16118

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-16118

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-16118.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-16118

Related

Published

2020-07-29T18:15:15Z

Modified

2025-03-19T23:02:11.483240Z

Downstream

openSUSE-SU-2020:1230-1

openSUSE-SU-2020:1207-1

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imapmboxconnect in libbalsa/imap/imap-handle.c.

References

Affected packages

Debian:11 / balsa

Package

Name: balsa
Purl: pkg:deb/debian/balsa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / balsa

Package

Name: balsa
Purl: pkg:deb/debian/balsa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / balsa

Package

Name: balsa
Purl: pkg:deb/debian/balsa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / gitlab.gnome.org/GNOME/balsa

Affected ranges

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/balsa
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4e245d758e1c826a01080d40c22ca8706f0339e5

Fixed

4e245d758e1c826a01080d40c22ca8706f0339e5

Affected versions

2.*

2.4.90

2.4.91

2.5.0

2.5.0a

2.5.1

2.5.2

2.5.3a

2.5.4

2.5.5

2.5.6

2.5.7a

2.5.8

2.5.9

Other

BALSA_1_0_0

BALSA_1_1_0

BALSA_1_1_1

BALSA_1_1_2

BALSA_1_1_4

BALSA_1_1_7

BALSA_1_2_0

BALSA_1_2_2

BALSA_1_2_pre2

BALSA_1_3_0

BALSA_1_3_3

BALSA_1_3_4

BALSA_1_3_5

BALSA_1_3_6

BALSA_1_4_0

BALSA_1_4_1

BALSA_2_0_13

BALSA_2_0_8

BALSA_2_0_9

BALSA_2_1_1

BALSA_2_1_2

BALSA_2_1_3

BALSA_2_1_91

BALSA_2_2_1

BALSA_2_2_2

BALSA_2_2_4

BALSA_2_2_5

BALSA_2_2_6

BALSA_2_3_0

BALSA_2_3_1

BALSA_2_3_10

BALSA_2_3_12

BALSA_2_3_13

BALSA_2_3_15

BALSA_2_3_19

BALSA_2_3_2

BALSA_2_3_20

BALSA_2_3_24

BALSA_2_3_26

BALSA_2_3_3

BALSA_2_3_4

BALSA_2_3_5

BALSA_2_3_7

BALSA_2_3_8

GNOME0

GNOME_MEDIA_1_2_2

GNOME_PRINT_0_24

WITHXMHTML

balsa-0-8

balsa-0-9-5

balsa-0_6_0

before-new-toolbars

dev_0_9_1

initial-BALSA-CONFIG

release_tag