rpm package
almalinux/fetchmail
pkg:rpm/almalinux/fetchmail
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-39272 | — | < 6.4.24-1.el8 | 6.4.24-1.el8 | Aug 30, 2021 | Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. | ||
| CVE-2021-36386 | — | < 6.4.24-1.el8 | 6.4.24-1.el8 | Jul 29, 2021 | report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of |
- CVE-2021-39272Aug 30, 2021affected < 6.4.24-1.el8fixed 6.4.24-1.el8
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
- CVE-2021-36386Jul 29, 2021affected < 6.4.24-1.el8fixed 6.4.24-1.el8
report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of