CVE-2021-36386

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-36386
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-36386.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-36386
Related
Published
2021-07-30T14:15:18Z
Modified
2024-10-12T07:53:09.461735Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user.

References

Affected packages

Debian:11 / fetchmail

Package

Name
fetchmail
Purl
pkg:deb/debian/fetchmail?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.16-4

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / fetchmail

Package

Name
fetchmail
Purl
pkg:deb/debian/fetchmail?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.16-4

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / fetchmail

Package

Name
fetchmail
Purl
pkg:deb/debian/fetchmail?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.16-4

Ecosystem specific

{
    "urgency": "unimportant"
}

Git / gitlab.com/fetchmail/fetchmail

Affected ranges

Type
GIT
Repo
https://gitlab.com/fetchmail/fetchmail
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

BRANCH_6-3
RELEASE_1-0-0
RELEASE_1-8-0
RELEASE_1-9-0
RELEASE_1-9-2
RELEASE_1-9-3
RELEASE_1-9-4
RELEASE_1-9-5
RELEASE_1-9-6
RELEASE_1-9-8
RELEASE_1-9-9
RELEASE_1-9a
RELEASE_2-0-0
RELEASE_2-1-0
RELEASE_2-1-1
RELEASE_2-1-2
RELEASE_2-1-3
RELEASE_2-2-0
RELEASE_2-3-0
RELEASE_2-4-0
RELEASE_2-4-0bis
RELEASE_2-6-0
RELEASE_2-7-0
RELEASE_2-8-0
RELEASE_2-8bis
RELEASE_2-8tris
RELEASE_3-0-0
RELEASE_3-3-0
RELEASE_3-3-1
RELEASE_3-4-0
RELEASE_3-5-0
RELEASE_3-6-0
RELEASE_3-7-0
RELEASE_3-8-0
RELEASE_3-9-0
RELEASE_3-9-1
RELEASE_3-9-2
RELEASE_3-9-3
RELEASE_3-9-4
RELEASE_3-9-5
RELEASE_3-9-6
RELEASE_3-9-7
RELEASE_3-9-8
RELEASE_4-0-0
RELEASE_4-0-0bis
RELEASE_4-0-1
RELEASE_4-0-3
RELEASE_4-0-4
RELEASE_4-0-5
RELEASE_4-0-8
RELEASE_4-1-0
RELEASE_4-1-1
RELEASE_4-1-2
RELEASE_4-1-5
RELEASE_4-1-6
RELEASE_4-1-7
RELEASE_4-1-8
RELEASE_4-2-0
RELEASE_4-2-1
RELEASE_4-2-3
RELEASE_4-2-4
RELEASE_4-2-5
RELEASE_4-2-6
RELEASE_4-2-7
RELEASE_4-2-9
RELEASE_4-3-0
RELEASE_4-3-1
RELEASE_4-3-2
RELEASE_4-3-3
RELEASE_4-3-4
RELEASE_4-3-5
RELEASE_4-3-6
RELEASE_4-3-7
RELEASE_4-3-8
RELEASE_4-3-8bis
RELEASE_4-3-9
RELEASE_4-4-0
RELEASE_4-4-2
RELEASE_4-4-3
RELEASE_4-4-4
RELEASE_4-4-5
RELEASE_4-4-5bis
RELEASE_4-4-6
RELEASE_4-4-6bis
RELEASE_4-4-7
RELEASE_4-4-8
RELEASE_4-4-9
RELEASE_4-5-0
RELEASE_4-5-0bis
RELEASE_4-5-1
RELEASE_4-5-2
RELEASE_4-5-3
RELEASE_4-5-4
RELEASE_4-5-5
RELEASE_4-5-6
RELEASE_4-5-7
RELEASE_4-5-8
RELEASE_4-6-0
RELEASE_4-6-1
RELEASE_4-6-2
RELEASE_4-6-3
RELEASE_4-6-4
RELEASE_4-6-5
RELEASE_4-6-6
RELEASE_4-6-7
RELEASE_4-6-8
RELEASE_4-6-9
RELEASE_4-7-0
RELEASE_4-7-1
RELEASE_4-7-2
RELEASE_4-7-3
RELEASE_4-7-4
RELEASE_4-7-5
RELEASE_4-7-6
RELEASE_4-7-7
RELEASE_4-7-8
RELEASE_4-7-9
RELEASE_5-0-0
RELEASE_5-0-2
RELEASE_5-0-3
RELEASE_5-0-4
RELEASE_5-0-5
RELEASE_5-0-6
RELEASE_5-0-7
RELEASE_5-0-8
RELEASE_5-1-1
RELEASE_5-1-2
RELEASE_5-1-3
RELEASE_5-1-4
RELEASE_5-2-3
RELEASE_5-2-4
RELEASE_5-2-5
RELEASE_5-2-6
RELEASE_5-2-7
RELEASE_5-2-8
RELEASE_5-3-0
RELEASE_5-3-1
RELEASE_5-3-3
RELEASE_5-3-4
RELEASE_5-3-5
RELEASE_5-3-6
RELEASE_5-3-7
RELEASE_5-3-8
RELEASE_5-4-0
RELEASE_5-4-1
RELEASE_5-4-3
RELEASE_5-4-4
RELEASE_5-4-5
RELEASE_5-5-0
RELEASE_5-5-1
RELEASE_5-5-2
RELEASE_5-5-3
RELEASE_5-5-4
RELEASE_5-5-5
RELEASE_5-5-6
RELEASE_5-6-0
RELEASE_5-6-1
RELEASE_5-6-2
RELEASE_5-6-4
RELEASE_5-6-5
RELEASE_5-6-6
RELEASE_5-6-7
RELEASE_5-6-8
RELEASE_5-7-0
RELEASE_5-7-1
RELEASE_5-7-2
RELEASE_5-7-3
RELEASE_5-7-4
RELEASE_5-7-5
RELEASE_5-7-6
RELEASE_5-7-7
RELEASE_5-8-10
RELEASE_5-8-11
RELEASE_5-8-12
RELEASE_5-8-15
RELEASE_5-8-16
RELEASE_5-8-17
RELEASE_5-8-3
RELEASE_5-8-4
RELEASE_5-8-5
RELEASE_5-8-7
RELEASE_5-8-8
RELEASE_5-9-0
RELEASE_5-9-1
RELEASE_5-9-10
RELEASE_5-9-11
RELEASE_5-9-12
RELEASE_5-9-13
RELEASE_5-9-14
RELEASE_5-9-2
RELEASE_5-9-3
RELEASE_5-9-5
RELEASE_5-9-6
RELEASE_5-9-7
RELEASE_5-9-9
RELEASE_6-0-0
RELEASE_6-1-0
RELEASE_6-1-1
RELEASE_6-1-2
RELEASE_6-1-3
RELEASE_6-2-0
RELEASE_6-2-1
RELEASE_6-2-2
RELEASE_6-2-3
RELEASE_6-2-4
RELEASE_6-2-5
RELEASE_6-3-0
RELEASE_6-3-1
RELEASE_6-3-10
RELEASE_6-3-11
RELEASE_6-3-12
RELEASE_6-3-13
RELEASE_6-3-14
RELEASE_6-3-15
RELEASE_6-3-16
RELEASE_6-3-17
RELEASE_6-3-18
RELEASE_6-3-19
RELEASE_6-3-2
RELEASE_6-3-20
RELEASE_6-3-21
RELEASE_6-3-22
RELEASE_6-3-23
RELEASE_6-3-24
RELEASE_6-3-25
RELEASE_6-3-26
RELEASE_6-3-2_4678
RELEASE_6-3-3
RELEASE_6-3-4
RELEASE_6-3-5
RELEASE_6-3-6
RELEASE_6-3-7
RELEASE_6-3-8
RELEASE_6-3-8_5093
RELEASE_6-3-9
RELEASE_6-3-9_5248
RELEASE_6-4-0
RELEASE_6-4-1
RELEASE_6-4-10
RELEASE_6-4-11
RELEASE_6-4-12
RELEASE_6-4-13
RELEASE_6-4-14
RELEASE_6-4-15
RELEASE_6-4-16
RELEASE_6-4-17
RELEASE_6-4-18
RELEASE_6-4-19
RELEASE_6-4-2
RELEASE_6-4-3
RELEASE_6-4-4
RELEASE_6-4-5
RELEASE_6-4-6
RELEASE_6-4-7
RELEASE_6-4-8
RELEASE_6-4-9
SNAPSHOT-6_2_6-pre5
SNAPSHOT-6_2_6-pre6
SNAPSHOT-6_2_6-pre7
SNAPSHOT-6_2_6-pre8
SNAPSHOT-6_2_6-pre9
SNAPSHOT-6_2_9-rc1
SNAPSHOT-6_2_9-rc10
SNAPSHOT-6_2_9-rc2
SNAPSHOT-6_2_9-rc3
SNAPSHOT-6_2_9-rc4
SNAPSHOT-6_2_9-rc5
SNAPSHOT-6_2_9-rc6
SNAPSHOT-6_2_9-rc7
SNAPSHOT-6_2_9-rc8
SNAPSHOT-6_2_9-rc9
SNAPSHOT-6_4_0_beta2
SNAPSHOT-6_4_0_beta3
SNAPSHOT-6_4_0_beta4
SNAPSHOT-6_4_0_beta5
SNAPSHOT-6_4_0_rc1
SNAPSHOT-6_4_0_rc2
SNAPSHOT-6_4_0_rc3
SNAPSHOT-6_4_0_rc4
SNAPSHOT-6_4_2_rc1
SNAPSHOT-6_4_2_rc2
SNAPSHOT-6_4_2_rc3
SNAPSHOT_6-2-6-pre3
SNAPSHOT_6-2-6-pre4
SNAPSHOT_6-3-1-rc1
SNAPSHOT_6-3-10-beta1
SNAPSHOT_6-3-15-beta1
SNAPSHOT_6-3-15-beta2
SNAPSHOT_6-3-15-beta3
SNAPSHOT_6-3-17-pre1
SNAPSHOT_6-3-18-pre1
SNAPSHOT_6-3-18-pre2
SNAPSHOT_6-3-19-pre1
SNAPSHOT_6-3-2-rc1
SNAPSHOT_6-3-2-rc2
SNAPSHOT_6-3-2-rc3
SNAPSHOT_6-3-2-rc4
SNAPSHOT_6-3-20-pre1
SNAPSHOT_6-3-20-rc2
SNAPSHOT_6-3-20-rc3
SNAPSHOT_6-3-3-rc1
SNAPSHOT_6-3-3-rc2
SNAPSHOT_6-3-4-rc1
SNAPSHOT_6-3-4-rc2
SNAPSHOT_6-3-5-beta1
SNAPSHOT_6-3-5-beta2
SNAPSHOT_6-3-5-beta3
SNAPSHOT_6-3-6-rc1
SNAPSHOT_6-3-6-rc2
SNAPSHOT_6-3-6-rc3
SNAPSHOT_6-3-6-rc4
SNAPSHOT_6-3-6-rc5
SNAPSHOT_6-3-7-rc1
SNAPSHOT_6-3-8-rc1
SNAPSHOT_6-3-8-rc2
SNAPSHOT_6-3-8-rc3
SNAPSHOT_6-3-9-rc1
SNAPSHOT_6-3-9-rc2
SNAPSHOT_6-3-9-rc3
SNAPSHOT_6-4-13-rc1
SNAPSHOT_6-4-13-rc2
SNAPSHOT_6-4-16-rc1
SNAPSHOT_6-4-18-rc1
SNAPSHOT_6-4-3-beta1
SNAPSHOT_6-4-3-rc1
SNAPSHOT_6-4-3-rc2
SNAPSHOT_6-4-5-rc1
SNAPSHOT_6-4-5-rc2
before-automake
p302a