Search for packages
| purl | pkg:deb/debian/balsa@2.3.13-3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4pcg-c1we-aaar
Aliases: CVE-2007-5007 |
Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command. |
Affected by 1 other vulnerability. |
|
VCID-ad4u-daz2-aaap
Aliases: CVE-2020-16118 |
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c. |
Affected by 0 other vulnerabilities. |
|
VCID-yncr-147p-aaaa
Aliases: CVE-2007-1558 |
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T18:52:36.217857+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T17:35:50.747392+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:11:33.602418+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T06:10:35.909693+00:00 | Debian Oval Importer | Affected by | VCID-ad4u-daz2-aaap | None | 36.1.3 |
| 2025-06-21T00:09:41.541247+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | None | 36.1.3 |
| 2025-06-20T21:13:58.806674+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | None | 36.1.3 |
| 2025-06-08T11:22:24.317828+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:10:28.572149+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:05:16.575760+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T23:49:30.953063+00:00 | Debian Oval Importer | Affected by | VCID-ad4u-daz2-aaap | None | 36.1.0 |
| 2025-06-07T17:32:28.794079+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | None | 36.1.0 |
| 2025-06-07T14:38:07.853302+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | None | 36.1.0 |
| 2025-04-12T21:30:44.568635+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:27:58.941329+00:00 | Debian Oval Importer | Affected by | VCID-ad4u-daz2-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:06:26.083158+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T15:51:17.642276+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:37:21.808935+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T22:21:39.038173+00:00 | Debian Oval Importer | Affected by | VCID-ad4u-daz2-aaap | None | 36.0.0 |
| 2025-04-07T16:07:05.101617+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | None | 36.0.0 |
| 2025-04-07T13:10:17.262692+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | None | 36.0.0 |
| 2024-11-26T08:06:58.726196+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-26T01:48:51.465323+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-12T12:00:37.899428+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-12T07:56:27.651552+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-20T14:44:15.301433+00:00 | Debian Oval Importer | Affected by | VCID-4pcg-c1we-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-20T13:35:43.873752+00:00 | Debian Oval Importer | Affected by | VCID-yncr-147p-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |