CVE-2021-39272

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
Configurations

Configuration 1

cpe:2.3:a:fetchmail:fetchmail:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Information

Published : 2021-08-30 06:15

Updated : 2022-10-28 01:18


NVD link : CVE-2021-39272

Mitre link : CVE-2021-39272

Products Affected
No products.
CWE
CWE-319

Cleartext Transmission of Sensitive Information