THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2021-3349

Reserved:2021-02-01
Published:2021-02-01
Updated:2024-06-11

Description

GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue, and dispute whether Evolution is the best place to change this behavior

References

https://gitlab.gnome.org/GNOME/evolution/-/issues/299

https://mgorny.pl/articles/evolution-uid-trust-extrapolation.html

https://dev.gnupg.org/T4735

cve.org CVE-2021-3349

nvd.nist.gov CVE-2021-3349

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2021-3349