pkg:Debian/fetchmail

All known vulnerabilities

• HIGH7.5CVE-2021-36386report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow ma…
  from 0, < 6.4.16-4
• MEDIUM5.9CVE-2025-61962In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context.
  from 0
• MEDIUM5.9CVE-2021-39272Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAU…
  from 0
• —Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (…
  from 0, < 6.3.22-1
• —fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote…
  from 0, < 6.3.22-1
• —fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which…
  from 0, < 6.3.16-2
• —The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed,…
  from 0, < 6.3.13-2
• —fetchmail - SSL certificate verification weakness
  from 0, < 6.3.9~rc2-6
• —fetchmail - SSL certificate verification weakness
  from 0, < 6.3.6-1etch2
• —fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and pers…
  from 0, < 6.3.9~rc2-1
• —fetchmail - null pointer dereference
  from 0, < 6.3.6-1etch1
• —fetchmail - null pointer dereference
  from 0, < 6.3.8-8
• —icedove - several vulnerabilities
  from 0, < 6.3.8-1
• —fetchmail
  from 0, < 6.2.5-12sarge5
• —fetchmail
  from 0, < 6.3.6-1
• —fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial…
  from 0, < 6.3.6-1
• —fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service (crash) via crafted e-mail messages th…
  from 0, < 6.3.2-1
• —fetchmail - programming error
  from 0, < 6.3.1-1
• —fetchmail - programming error
  from 0, < 6.2.5-12sarge4
• —fetchmail - programming error
  from 0, < 5.9.11-6.4
• —fetchmail - programming error
  from 0, < 6.2.5.4-1
• —fetchmail - buffer overflow
  from 0, < 6.2.5-16
• —fetchmail - buffer overflow
  from 0, < 6.2.5-12sarge1
• —Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (c…
  from 0, < 6.2.5
• —fetchmail - buffer overflow
  from 0, < 5.9.11-6.2
• —fetchmail - buffer overflow
  from 0, < 6.2.0-1
• —fetchmail - buffer overflows
  from 0, < 5.9.11-6.1
• —fetchmail - buffer overflows
  from 0, < 6.1.0-1
• —The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a ma…
  from 0, < 6.1.0-1