CVE-2021-36386

Опубликовано: 30 июл. 2021

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	6.4.16-5
esm-infra-legacy/trusty	DNE
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
esm-infra/xenial	needs-triage
focal	ignored	end of standard support, was needs-triage
hirsute	ignored	end of life
impish	not-affected	6.4.16-5
jammy	not-affected	6.4.16-5

Показывать по

Ссылки на источники

EPSS

Процентиль: 49%

0.0026

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2021-36386

CVSS3: 7.5

redhat

больше 4 лет назад

CVE-2021-36386

CVSS3: 7.5

nvd

больше 4 лет назад

CVE-2021-36386

CVSS3: 7.5

msrc

почти 4 года назад

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user.

CVE-2021-36386

CVSS3: 7.5

debian

больше 4 лет назад

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits i ...

openSUSE-SU-2021:2791-1

suse-cvrf

больше 4 лет назад

Security update for fetchmail

EPSS

Процентиль: 49%

0.0026

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2021-36386

Описание

Пакет fetchmail

Ссылки на источники

Связанные уязвимости