ReportizFlow
Filtered by vendor Fetchmail
Subscriptions
Filtered by product Fetchmail
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2335 | 2 Fetchmail, Redhat | 2 Fetchmail, Enterprise Linux | 2025-04-03 | N/A |
| Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifier for the Fetchmail issue. This is the correct identifier. | ||||
| CVE-2001-0101 | 1 Fetchmail | 1 Fetchmail | 2025-04-03 | N/A |
| Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command. | ||||
| CVE-2021-39272 | 3 Fedoraproject, Fetchmail, Redhat | 3 Fedora, Fetchmail, Enterprise Linux | 2024-11-21 | 5.9 Medium |
| Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. | ||||
| CVE-2021-36386 | 3 Fedoraproject, Fetchmail, Redhat | 3 Fedora, Fetchmail, Enterprise Linux | 2024-11-21 | 7.5 High |
| report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user. | ||||