Opensmtpd
by OpenBSD
Source repositories
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7687 | Cri | 0.64 | 9.8 | 0.04 | Oct 16, 2017 | Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta. | ||
| CVE-2020-7247 | 0.23 | — | 0.99 | KEV | Jan 29, 2020 | smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented"… | ||
| CVE-2020-8794 | 0.10 | — | 0.89 | Feb 25, 2020 | OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client… | |||
| CVE-2020-8793 | 0.03 | — | 0.01 | Feb 25, 2020 | OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c. | |||
| CVE-2025-62875 | 0.00 | — | 0.00 | Nov 20, 2025 | An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1. | |||
| CVE-2023-29323 | 0.00 | — | 0.00 | Apr 4, 2023 | ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address. | |||
| CVE-2020-35680 | 0.00 | — | 0.04 | Dec 24, 2020 | smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the… | |||
| CVE-2013-2125 | 0.00 | — | 0.02 | May 27, 2014 | OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open. |
- risk 0.64cvss 9.8epss 0.04
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
- risk 0.23cvss —epss 0.99
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented"…
- CVE-2020-8794Feb 25, 2020risk 0.10cvss —epss 0.89
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client…
- CVE-2020-8793Feb 25, 2020risk 0.03cvss —epss 0.01
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
- CVE-2025-62875Nov 20, 2025risk 0.00cvss —epss 0.00
An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1.
- CVE-2023-29323Apr 4, 2023risk 0.00cvss —epss 0.00
ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.
- CVE-2020-35680Dec 24, 2020risk 0.00cvss —epss 0.04
smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the…
- CVE-2013-2125May 27, 2014risk 0.00cvss —epss 0.02
OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.