← back
CVE-2016-20011

CVE-2016-20011

EPSS 1.5%
libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. This occurs because of the default behavior of SoupSessionSync.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.gnome.org/show_bug.cgi?id=772647https://gitlab.gnome.org/GNOME/libgrss/-/issues/4https://gitlab.gnome.org/GNOME/libgrss/-/merge_requests/7.patch