Vulnerabilidades em OfflineIMAP
3 resultadosCVE-2010-4533—offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flaEPSS 1.0%CVE-2010-4532—offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-thEPSS 0.6%CVE-2020-37248MEDIUMOfflineIMAP before 8.0.3 trusts the server with their STARTTLS capability prior to authentication, which allows STRIPTLS/man-in-the-middle aEPSS 0.2%