Vendor
Marlam
Products
2
CVEs
3
Across products
4
Status
Private
Products
2- 2 CVEs
- 2 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-8337 | Med | 0.35 | 5.3 | 0.01 | Feb 13, 2019 | In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. | ||
| CVE-2009-3942 | 0.00 | — | 0.01 | Nov 16, 2009 | Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL… | |||
| CVE-2009-3941 | 0.00 | — | 0.01 | Nov 16, 2009 | Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL… |
- risk 0.35cvss 5.3epss 0.01
In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked.
- CVE-2009-3942Nov 16, 2009risk 0.00cvss —epss 0.01
Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL…
- CVE-2009-3941Nov 16, 2009risk 0.00cvss —epss 0.01
Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL…