Search for packages
| purl | pkg:deb/debian/sendmail@8.14.4-8%2Bdeb8u2 |
| Next non-vulnerable version | 8.17.1.9-2+deb12u2 |
| Latest non-vulnerable version | 8.17.1.9-2+deb12u2 |
| Risk | 2.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ptnv-fwch-aaag
Aliases: CVE-2023-51765 |
sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-04-13T01:20:54.129757+00:00 | Debian Oval Importer | Affected by | VCID-ptnv-fwch-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-13T00:51:26.579023+00:00 | Debian Oval Importer | Affected by | VCID-ptnv-fwch-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |