rpm package
suse/fetchmail&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
pkg:rpm/suse/fetchmail&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-39272 | — | < 6.4.22-20.20.1 | 6.4.22-20.20.1 | Aug 30, 2021 | Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. | ||
| CVE-2021-36386 | — | < 6.3.26-20.14.1 | 6.3.26-20.14.1 | Jul 29, 2021 | report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of |
- CVE-2021-39272Aug 30, 2021affected < 6.4.22-20.20.1fixed 6.4.22-20.20.1
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
- CVE-2021-36386Jul 29, 2021affected < 6.3.26-20.14.1fixed 6.3.26-20.14.1
report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of