GNOME evolution-ews SSL Certificate Validation Information Disclosure Vulnerability
A vulnerability in GNOME evolution-ews could allow an unauthenticated, remote attacker to access sensitive information or bypass security restrictions on a targeted system.
The vulnerability exists because the affected software does not properly validate SSL certificates. An attacker could exploit this vulnerability by persuading a user to connect to a malicious server. A successful exploit could be used to conduct further attacks.
GNOME has confirmed the vulnerability and released software updates.
Security Impact Rating: High