CVE-2019-16791

Опубликовано: 22 янв. 2020

Источник: nvd

CVSS3: 6.9

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy.

Ссылки

https://gist.github.com/Snawoot/b9da85d6b26dea5460673b29df1adc6b
Patch
Third Party Advisory
https://github.com/Snawoot/postfix-mta-sts-resolver/security/advisories/GHSA-h92m-42h4-82f6
Patch
Third Party Advisory
https://gist.github.com/Snawoot/b9da85d6b26dea5460673b29df1adc6b
Patch
Third Party Advisory
https://github.com/Snawoot/postfix-mta-sts-resolver/security/advisories/GHSA-h92m-42h4-82f6
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:postfix-mta-sts-resolver_project:postfix-mta-sts-resolver:*:*:*:*:*:*:*:*

Версия до 0.5.1 (исключая)

EPSS

Процентиль: 53%

0.003

Низкий

6.9 Medium

CVSS3

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-757

NVD-CWE-Other

Связанные уязвимости

CVE-2019-16791

CVSS3: 6.9

ubuntu

около 6 лет назад

In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy.

CVE-2019-16791

CVSS3: 6.9

debian

около 6 лет назад

In postfix-mta-sts-resolver before 0.5.1, All users can receive incorr ...

GHSA-h92m-42h4-82f6

CVSS3: 6.9

github

больше 6 лет назад

postfix-mta-sts-resolver Algorithm Downgrade vulnerability

EPSS

Процентиль: 53%

0.003

Низкий

6.9 Medium

CVSS3

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-757

NVD-CWE-Other