rpm package
opensuse/postfix&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/postfix&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-43964 | Low | 3.7 | < 3.11.2-1.1 | 3.11.2-1.1 | May 4, 2026 | Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number. | |
| CVE-2023-51764 | — | < 3.8.4-2.1 | 3.8.4-2.1 | Dec 24, 2023 | Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to in | ||
| CVE-2023-32182 | — | < 3.8.3-1.1 | 3.8.3-1.1 | Sep 19, 2023 | A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desk |
- affected < 3.11.2-1.1fixed 3.11.2-1.1
Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number.
- CVE-2023-51764Dec 24, 2023affected < 3.8.4-2.1fixed 3.8.4-2.1
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to in
- CVE-2023-32182Sep 19, 2023affected < 3.8.3-1.1fixed 3.8.3-1.1
A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desk