rpm package
opensuse/fetchmail&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/fetchmail&distro=openSUSE%20Leap%2015.3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-39272 | — | < 6.3.26-20.17.1 | 6.3.26-20.17.1 | Aug 30, 2021 | Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. | ||
| CVE-2021-36386 | — | < 6.3.26-20.14.1 | 6.3.26-20.14.1 | Jul 29, 2021 | report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of |
- CVE-2021-39272Aug 30, 2021affected < 6.3.26-20.17.1fixed 6.3.26-20.17.1
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
- CVE-2021-36386Jul 29, 2021affected < 6.3.26-20.14.1fixed 6.3.26-20.14.1
report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of