Search for packages
Package details: pkg:deb/debian/fetchmail@6.3.21-4
purl pkg:deb/debian/fetchmail@6.3.21-4
Next non-vulnerable version 6.4.37-1
Latest non-vulnerable version 6.4.37-1
Risk 3.4
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-62nh-5871-aaar
Aliases:
CVE-2012-3482
Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.
6.3.26-1
Affected by 1 other vulnerability.
VCID-67up-vtns-aaak
Aliases:
CVE-2021-36386
report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user.
6.4.16-4+deb11u1
Affected by 1 other vulnerability.
VCID-dqer-jfgw-aaaq
Aliases:
CVE-2011-1947
fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.
6.3.26-1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:11:01.360668+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T16:21:40.388722+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T11:31:27.887971+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T05:26:48.814193+00:00 Debian Oval Importer Affected by VCID-67up-vtns-aaak None 36.1.3
2025-06-20T23:35:35.881644+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq None 36.1.3
2025-06-20T22:29:12.989549+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar None 36.1.3
2025-06-08T12:25:11.300469+00:00 Debian Oval Importer Affected by VCID-67up-vtns-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:19:51.175176+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:39:55.170612+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:07:48.486899+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T04:51:22.856557+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T23:04:33.563756+00:00 Debian Oval Importer Affected by VCID-67up-vtns-aaak None 36.1.0
2025-06-07T16:58:32.764775+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq None 36.1.0
2025-06-07T15:53:23.947894+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar None 36.1.0
2025-04-12T18:11:19.559702+00:00 Debian Oval Importer Affected by VCID-67up-vtns-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:05:46.786858+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:24:36.047777+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T07:39:37.381171+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:22:33.056811+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T21:36:40.092501+00:00 Debian Oval Importer Affected by VCID-67up-vtns-aaak None 36.0.0
2025-04-07T15:31:40.597392+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq None 36.0.0
2025-04-07T14:24:19.034319+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar None 36.0.0
2024-11-29T04:22:12.119936+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-28T07:22:37.594598+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-14T11:29:25.234149+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T20:01:31.892370+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-21T09:00:35.835451+00:00 Debian Oval Importer Affected by VCID-62nh-5871-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-21T02:30:09.838769+00:00 Debian Oval Importer Affected by VCID-dqer-jfgw-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1