VYPR

Aiosmtpd

by Aio Libs

pypi: aiosmtpd

Source repositories

CVEs (2)

  • CVE-2024-34083MedMay 18, 2024
    risk 0.28cvss 5.4epss 0.00

    aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a…

  • CVE-2024-27305Mar 12, 2024
    risk 0.00cvss epss 0.00

    aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an…