Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/balsa@2.3.0-2sarge1
purl pkg:deb/debian/balsa@2.3.0-2sarge1
Next non-vulnerable version 2.6.1-1
Latest non-vulnerable version 2.6.1-1
Risk 1.3
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-ukjn-pbdj-u3e3
Aliases:
CVE-2007-1558
Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted arbitrary remote code execution.
2.3.25-1
Affected by 1 other vulnerability.
VCID-yxy2-97px-u3ek
Aliases:
CVE-2020-16118
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.
2.6.1-1
Affected by 0 other vulnerabilities.
VCID-yyvn-erek-pqg9
Aliases:
CVE-2007-5007
Balsa is vulnerable to a buffer overflow allowing for the user-assisted execution of arbitrary code.
2.3.25-1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-8azh-711b-xuap Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. CVE-2003-0167

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T23:19:43.835673+00:00 Debian Oval Importer Affected by VCID-ukjn-pbdj-u3e3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:06:39.788492+00:00 Debian Oval Importer Fixing VCID-8azh-711b-xuap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:07:14.008364+00:00 Debian Oval Importer Affected by VCID-yxy2-97px-u3ek https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:26:20.595130+00:00 Debian Oval Importer Affected by VCID-yyvn-erek-pqg9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T22:55:21.035056+00:00 Debian Oval Importer Affected by VCID-ukjn-pbdj-u3e3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:44:38.488832+00:00 Debian Oval Importer Fixing VCID-8azh-711b-xuap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:48:51.745384+00:00 Debian Oval Importer Affected by VCID-yxy2-97px-u3ek https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:13:33.402850+00:00 Debian Oval Importer Affected by VCID-yyvn-erek-pqg9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T22:29:42.523884+00:00 Debian Oval Importer Affected by VCID-ukjn-pbdj-u3e3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:22:28.034445+00:00 Debian Oval Importer Fixing VCID-8azh-711b-xuap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:31:29.412120+00:00 Debian Oval Importer Affected by VCID-yxy2-97px-u3ek https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:05:55.294696+00:00 Debian Oval Importer Affected by VCID-yyvn-erek-pqg9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0