Search CVE reports

Toggle filters

1 – 5 of 5 results

CVE-2021-46853

Medium priority
Fixed

Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.

1 affected package

alpine

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
alpine Not affected Not affected Fixed Fixed
Show less packages

CVE-2021-38370

Medium priority

Some fixes available 3 of 8

In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS.

1 affected package

alpine

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
alpine Not affected Not affected Fixed Fixed
Show less packages

CVE-2020-14929

Medium priority

Some fixes available 13 of 14

Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the...

1 affected package

alpine

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
alpine Fixed Fixed Fixed Fixed
Show less packages

CVE-2015-2305

Medium priority

Some fixes available 31 of 85

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to...

23 affected packages

clamav, radare2, librcsb-core-wrapper, efl, alpine...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Fixed
radare2 Not affected Not in release Not affected Not affected
librcsb-core-wrapper Not affected Not affected Not affected Not affected
efl Not affected Not affected Not affected Not affected
alpine Not affected Not affected Not affected Not affected
ptlib Not in release Not in release Not in release Not affected
nvi Not affected Not affected Not affected Not affected
openrpt Not in release Not in release Not in release Vulnerable
cups Not affected Not affected Not affected Not affected
haskell-regex-posix Not affected Not affected Not affected Not affected
llvm-toolchain-3.4 Not in release Not in release Not in release Not in release
llvm-toolchain-3.5 Not in release Not in release Not in release Not in release
llvm-toolchain-3.6 Not in release Not in release Not in release Not in release
newlib Not affected Not affected Not affected Not affected
olsrd Not in release Not in release Not in release Not affected
php5 Not in release Not in release Not in release Not in release
sma Not affected Not affected Not affected Not affected
vigor Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not affected
yap Not in release Not in release Not in release Not affected
z88dk Not in release Not in release Not in release Not in release
knews Not affected Not affected Not affected Not affected
llvm-toolchain-snapshot Not in release Not in release Not in release Not in release
Show all 23 packages Show less packages

CVE-2008-5005

Medium priority
Ignored

Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying...

2 affected packages

alpine, uw-imap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
alpine
uw-imap
Show less packages