Skip to main content

Mailcore2

2 CVEs product

Monthly

CVE-2021-26911 HIGH POC PATCH This Week

core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Canary Mail Mailcore2
NVD GitHub
CVSS 3.1
7.4
EPSS
1.1%
CVE-2020-15953 HIGH POC This Week

LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Code Injection Libetpan Mailcore2 Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.4
EPSS
2.4%
EPSS 1% CVSS 7.4
HIGH POC PATCH This Week

core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Canary Mail Mailcore2
NVD GitHub
EPSS 2% CVSS 7.4
HIGH POC This Week

LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Code Injection Libetpan Mailcore2 +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy