CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission |
2Gnome Redhat2Enterprise Linux ShotwellMay 6, 2026 Oct 25, 2016 N/A· v4 3.7 LOW· v3 4.3 MEDIUM· v2 Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks. |