logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-36386

Description

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user.


Affected Package


OS OS Version Package Name Package Version
Debian 12 fetchmail 6.4.16-4
Debian 11 fetchmail 6.4.16-4
Debian 10 fetchmail 6.4.0~beta4-3+deb10u1
Debian 999 fetchmail 6.4.16-4

Related