CVE-2021-38370

Опубликовано: 10 авг. 2021

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS.

Ссылки

https://alpine.x10host.com
Release Notes
Third Party Advisory
https://bugs.gentoo.org/807613#c4
Third Party Advisory
https://nostarttls.secvuln.info
Exploit
Third Party Advisory
https://security.gentoo.org/glsa/202301-07
Third Party Advisory
https://alpine.x10host.com
Release Notes
Third Party Advisory
https://bugs.gentoo.org/807613#c4
Third Party Advisory
https://nostarttls.secvuln.info
Exploit
Third Party Advisory
https://security.gentoo.org/glsa/202301-07
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:alpine_project:alpine:*:*:*:*:*:*:*:*

Версия до 2.25 (исключая)

EPSS

Процентиль: 64%

0.00478

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-77

Связанные уязвимости

CVE-2021-38370

CVSS3: 5.9

ubuntu

больше 4 лет назад

In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS.

CVE-2021-38370

CVSS3: 5.9

debian

больше 4 лет назад

In Alpine before 2.25, untagged responses from an IMAP server are acce ...

GHSA-2c2h-qvww-cw95

CVSS3: 5.9

github

больше 3 лет назад

In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS.

EPSS

Процентиль: 64%

0.00478

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-77