rpm package
almalinux/postfix-perl-scripts
pkg:rpm/almalinux/postfix-perl-scripts
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-43964 | Low | 3.7 | < 2:3.8.5-10.el10_2 | 2:3.8.5-10.el10_2 | May 4, 2026 | Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number. | |
| CVE-2023-51764 | — | < 2:3.5.25-1.el9 | 2:3.5.25-1.el9 | Dec 24, 2023 | Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to in |
- affected < 2:3.8.5-10.el10_2fixed 2:3.8.5-10.el10_2
Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number.
- CVE-2023-51764Dec 24, 2023affected < 2:3.5.25-1.el9fixed 2:3.5.25-1.el9
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to in