{"id":"CVE-2020-16118","details":"In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.","modified":"2026-04-11T21:20:03.739398Z","published":"2020-07-29T18:15:15Z","related":["openSUSE-SU-2020:1207-1","openSUSE-SU-2020:1230-1"],"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00035.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00045.html"},{"type":"FIX","url":"https://gitlab.gnome.org/GNOME/balsa/-/commit/4e245d758e1c826a01080d40c22ca8706f0339e5"},{"type":"EVIDENCE","url":"https://gitlab.gnome.org/GNOME/balsa/-/issues/23"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/GNOME/balsa","events":[{"introduced":"0"},{"fixed":"f88ed9be84d182668e809c6f06d733b5d288f302"},{"fixed":"4e245d758e1c826a01080d40c22ca8706f0339e5"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.6.0"}]}}],"versions":["2.5.3a","2.5.4","2.5.5","2.5.6","2.5.7a","2.5.8","2.5.9","BALSA_1_0_0","BALSA_1_1_0","BALSA_1_1_1","BALSA_1_1_2","BALSA_1_1_4","BALSA_1_1_7","BALSA_1_2_0","BALSA_1_2_2","BALSA_1_2_pre2","BALSA_1_3_0","BALSA_1_3_3","BALSA_1_3_4","BALSA_1_3_5","BALSA_1_3_6","BALSA_1_4_0","BALSA_1_4_1","BALSA_2_0_13","BALSA_2_0_8","BALSA_2_0_9","BALSA_2_1_1","BALSA_2_1_2","BALSA_2_1_3","BALSA_2_1_91","BALSA_2_2_1","BALSA_2_2_2","BALSA_2_2_4","BALSA_2_2_5","BALSA_2_2_6","BALSA_2_3_0","BALSA_2_3_1","BALSA_2_3_10","BALSA_2_3_12","BALSA_2_3_13","BALSA_2_3_15","BALSA_2_3_19","BALSA_2_3_2","BALSA_2_3_20","BALSA_2_3_24","BALSA_2_3_26","BALSA_2_3_3","BALSA_2_3_4","BALSA_2_3_5","BALSA_2_3_7","BALSA_2_3_8","GNOME0","GNOME_MEDIA_1_2_2","GNOME_PRINT_0_24","WITHXMHTML","balsa-0-8","balsa-0-9-5","balsa-0_6_0","before-new-toolbars","dev_0_9_1","initial-BALSA-CONFIG","release_tag"],"database_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"file":"libbalsa/imap/imap-handle.c","function":"ir_preauth"},"source":"https://gitlab.gnome.org/GNOME/balsa@4e245d758e1c826a01080d40c22ca8706f0339e5","id":"CVE-2020-16118-1c938bdf","digest":{"function_hash":"31836230078113631678238411961133440548","length":145}},{"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"file":"libbalsa/imap/imap-handle.c","function":"imap_mbox_connect"},"source":"https://gitlab.gnome.org/GNOME/balsa@4e245d758e1c826a01080d40c22ca8706f0339e5","id":"CVE-2020-16118-4f5bbbed","digest":{"function_hash":"293968677701453279845062206111635714870","length":1964}},{"deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"libbalsa/imap/imap-handle.c"},"source":"https://gitlab.gnome.org/GNOME/balsa@4e245d758e1c826a01080d40c22ca8706f0339e5","id":"CVE-2020-16118-c46feb0d","digest":{"threshold":0.9,"line_hashes":["1643226158156333488970853661134900088","228218704177446988173638814297809441413","236248795415852436039219694572462381721","18478388076030129196173864960940574670","23703402067512023341633421662796275974","118947903512508494928110480117462030534","98931956777700046772554200538121766800","238454973838811676910368375657663991330","263680398036305298661078886103628345842","201554279598316517544620395921944958198"]}}],"vanir_signatures_modified":"2026-04-11T21:20:03Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"15.0-sp1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-16118.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}