VulnerableCode Package Details - pkg:deb/debian/glib-networking@2.58.0-2%2Bdeb10u2

Search for packages

Vulnerability	Summary	Fixed by
VCID-e46k-7jmt-aaak Aliases: CVE-2020-13645	In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host.	2.66.0-2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-e46k-7jmt-aaak
Aliases:
CVE-2020-13645

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host.

2.66.0-2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-e46k-7jmt-aaak	In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host.	CVE-2020-13645

Vulnerability

Summary

Aliases

VCID-e46k-7jmt-aaak

CVE-2020-13645

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T15:29:10.055211+00:00	Debian Oval Importer	Fixing	VCID-e46k-7jmt-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T05:08:05.285675+00:00	Debian Oval Importer	Affected by	VCID-e46k-7jmt-aaak	None	36.1.3
2025-06-20T21:46:10.668074+00:00	Debian Oval Importer	Fixing	VCID-e46k-7jmt-aaak	None	36.1.3
2025-06-08T08:23:42.903007+00:00	Debian Oval Importer	Fixing	VCID-e46k-7jmt-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-07T22:45:32.282261+00:00	Debian Oval Importer	Affected by	VCID-e46k-7jmt-aaak	None	36.1.0
2025-06-07T15:09:11.978894+00:00	Debian Oval Importer	Fixing	VCID-e46k-7jmt-aaak	None	36.1.0
2025-04-12T22:14:08.012215+00:00	Debian Oval Importer	Affected by	VCID-e46k-7jmt-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-08T06:55:04.406249+00:00	Debian Oval Importer	Fixing	VCID-e46k-7jmt-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T21:17:24.924244+00:00	Debian Oval Importer	Affected by	VCID-e46k-7jmt-aaak	None	36.0.0
2025-04-07T13:40:54.999453+00:00	Debian Oval Importer	Fixing	VCID-e46k-7jmt-aaak	None	36.0.0