Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:opensmtpd:opensmtpd:6.8.0:-:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-29323 |
ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address. Published: April 04, 2023; 7:15:07 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2020-35680 |
smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer. Published: December 24, 2020; 11:15:15 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-35679 |
smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups. Published: December 24, 2020; 11:15:15 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |