CVE-2025-61962

Опубликовано: 04 окт. 2025

Источник: debian

EPSS Низкий

Описание

In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context.

Пакет	Статус	Версия исправления	Релиз	Тип
fetchmail	fixed	6.5.6-1		package
fetchmail	no-dsa		trixie	package
fetchmail	no-dsa		bookworm	package
fetchmail	postponed		bullseye	package

https://www.fetchmail.info/fetchmail-SA-2025-01.txt
Fixed by: https://gitlab.com/fetchmail/fetchmail/-/commit/4c3cebfa4e659fb778ca2cae0ccb3f69201609a8 (6.5.6)
Followup: https://gitlab.com/fetchmail/fetchmail/-/commit/3c9e49d70e5d958f10b94fc58b3c5046f87cff7a (6.5.7)

EPSS

Процентиль: 20%

0.00062

Низкий

CVE-2025-61962

CVSS3: 5.9

ubuntu

4 месяца назад

In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context.

CVE-2025-61962

CVSS3: 5.9

nvd

4 месяца назад

In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context.

SUSE-SU-2025:3966-1

suse-cvrf

3 месяца назад

Security update for fetchmail

SUSE-SU-2025:3845-1

suse-cvrf

3 месяца назад

Security update for fetchmail

GHSA-q9v7-qrhr-3q9v

CVSS3: 5.9

github

4 месяца назад

In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context.

EPSS

Процентиль: 20%

0.00062

Низкий