Search for packages
Package details: pkg:deb/debian/sendmail@8.15.2-14~deb10u1
purl pkg:deb/debian/sendmail@8.15.2-14~deb10u1
Next non-vulnerable version 8.17.1.9-2+deb12u2
Latest non-vulnerable version 8.17.1.9-2+deb12u2
Risk 3.4
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-naz4-k1th-aaad
Aliases:
CVE-2021-3618
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
8.15.2-22+deb11u3
Affected by 1 other vulnerability.
8.17.1.9-2
Affected by 1 other vulnerability.
8.17.1.9-2+deb12u2
Affected by 0 other vulnerabilities.
VCID-ptnv-fwch-aaag
Aliases:
CVE-2023-51765
sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not.
8.15.2-22+deb11u3
Affected by 1 other vulnerability.
8.17.2-1~bpo12+1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T15:25:34.927364+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad None 36.1.3
2025-06-21T06:00:05.335483+00:00 Debian Importer Affected by VCID-ptnv-fwch-aaag https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-20T23:20:23.059571+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-04-13T01:20:54.139453+00:00 Debian Oval Importer Affected by VCID-ptnv-fwch-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-13T00:51:26.591021+00:00 Debian Oval Importer Affected by VCID-ptnv-fwch-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-05T11:57:01.898935+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad None 36.0.0
2025-04-05T03:14:53.134776+00:00 Debian Importer Affected by VCID-ptnv-fwch-aaag https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-04T02:00:46.518152+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-02-21T15:04:58.214298+00:00 Debian Importer Affected by VCID-ptnv-fwch-aaag https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-20T02:34:38.143500+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-20T02:34:36.694238+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad None 35.1.0
2024-05-20T15:10:06.582025+00:00 Debian Importer Affected by VCID-ptnv-fwch-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T01:48:26.668640+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T01:48:24.830451+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad None 34.0.0rc4
2024-01-11T02:46:56.276257+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T02:46:39.046419+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad None 34.0.0rc2
2024-01-04T15:02:39.532372+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T15:02:30.503298+00:00 Debian Importer Affected by VCID-naz4-k1th-aaad None 34.0.0rc1