Launchpad.net

CVE 2016-1000033

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.

See the CVE page on Mitre.org for more details.

References