Skip to main content

Fetchmail

3 CVEs product

Monthly

CVE-2021-39272 MEDIUM This Month

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fetchmail Fedora
NVD
CVSS 3.1
5.9
EPSS
0.9%
CVE-2021-36386 HIGH PATCH This Week

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Fetchmail Fedora
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2012-3482 MEDIUM PATCH This Month

Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Buffer Overflow Denial Of Service Fetchmail
NVD
CVSS 2.0
5.8
EPSS
0.7%
EPSS 1% CVSS 5.9
MEDIUM This Month

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fetchmail Fedora
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Fetchmail Fedora
NVD
EPSS 1% CVSS 5.8
MEDIUM PATCH This Month

Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Buffer Overflow Denial Of Service Fetchmail
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy