VulnerableCode Package Details - pkg:deb/debian/evolution@2.22.3.1-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-1kgt-ev1b-vqey Aliases: CVE-2009-1631	The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files.	2.30.3-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-7kpt-g36p-7ycv Aliases: CVE-2020-11879		3.38.3-1+deb11u2 Affected by 0 other vulnerabilities.
VCID-7pcu-prtr-bqhg Aliases: CVE-2018-15587		3.30.5-1.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 3.22.6-1+deb9u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-1kgt-ev1b-vqey
Aliases:
CVE-2009-1631

The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files.

2.30.3-5
Affected by 2 other vulnerabilities.

VCID-7kpt-g36p-7ycv
Aliases:
CVE-2020-11879

3.38.3-1+deb11u2
Affected by 0 other vulnerabilities.

VCID-7pcu-prtr-bqhg
Aliases:
CVE-2018-15587

3.30.5-1.1
Affected by 1 other vulnerability.

3.22.6-1+deb9u2
Affected by 2 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-27dq-4ygw-ebhe	GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml.	CVE-2006-0040
VCID-3ja7-4cwn-cbfr	A format string error has been discovered in Evolution, possibly resulting in the execution of arbitrary code.	CVE-2008-0072
VCID-67d5-ftaf-8yhj	The IMAP client of Evolution contains a vulnerability potentially leading to the execution of arbitrary code.	CVE-2007-3257
VCID-9du9-wsr8-d7ay	Multiple vulnerabilities in Evolution may allow for user-assisted execution of arbitrary code.	CVE-2008-1109
VCID-f121-myv6-6ua1	A vulnerability has been discovered in Evolution allowing for the execution of arbitrary code.	CVE-2007-1002
VCID-kp8e-yu4x-2ygc	Multiple vulnerabilities in Evolution may allow for user-assisted execution of arbitrary code.	CVE-2008-1108

Vulnerability

Summary

Aliases

VCID-27dq-4ygw-ebhe

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml.

CVE-2006-0040

VCID-3ja7-4cwn-cbfr

A format string error has been discovered in Evolution, possibly resulting in the execution of arbitrary code.

CVE-2008-0072

VCID-67d5-ftaf-8yhj

The IMAP client of Evolution contains a vulnerability potentially leading to the execution of arbitrary code.

CVE-2007-3257

VCID-9du9-wsr8-d7ay

Multiple vulnerabilities in Evolution may allow for user-assisted execution of arbitrary code.

CVE-2008-1109

VCID-f121-myv6-6ua1

A vulnerability has been discovered in Evolution allowing for the execution of arbitrary code.

CVE-2007-1002

VCID-kp8e-yu4x-2ygc

Multiple vulnerabilities in Evolution may allow for user-assisted execution of arbitrary code.

CVE-2008-1108

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T10:56:35.086180+00:00	Debian Oval Importer	Affected by	VCID-7kpt-g36p-7ycv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T09:22:11.924309+00:00	Debian Oval Importer	Fixing	VCID-67d5-ftaf-8yhj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T09:21:52.404625+00:00	Debian Oval Importer	Fixing	VCID-3ja7-4cwn-cbfr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T09:17:55.205709+00:00	Debian Oval Importer	Fixing	VCID-27dq-4ygw-ebhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T08:45:06.205010+00:00	Debian Oval Importer	Affected by	VCID-7pcu-prtr-bqhg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T08:28:54.415202+00:00	Debian Oval Importer	Fixing	VCID-f121-myv6-6ua1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T08:26:30.364480+00:00	Debian Oval Importer	Fixing	VCID-kp8e-yu4x-2ygc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T07:32:07.969952+00:00	Debian Oval Importer	Fixing	VCID-9du9-wsr8-d7ay	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T04:27:32.638597+00:00	Debian Oval Importer	Affected by	VCID-1kgt-ev1b-vqey	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T00:44:37.182168+00:00	Debian Oval Importer	Affected by	VCID-7pcu-prtr-bqhg	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.6.0