CVE: Common Vulnerabilities and Exposures

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

Expand or collapse notification button

Required CVE Record Information

Description

core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.

Product Status

Information not provided

References 6 Total

Updated: 2024-08-03

This container includes required additional information provided by the CVE Program for this vulnerability.

References 6 Total

https://apps.apple.com/us/app/canary-mail/id1236045954
external site
x_transferred
https://census-labs.com/news/category/advisories/
external site
x_transferred
https://www.openwall.com/lists/oss-security/2021/02/17/3
external site
x_transferred
https://census-labs.com/news/2021/02/17/canary-mail-app-missing-certificate-validation-check-on-imap-starttls/
external site
x_transferred
https://github.com/canarymail/mailcore2/commit/45acb4efbcaa57a20ac5127dc976538671fce018
external site
x_transferred
openwall.com: [oss-security] 20210217 CVE-2021-26911: Canary Mail with IMAP STARTTLS missing certificate validation
external site
mailing-listx_transferred