Alpine Project Alpine 2.19.991

CPE Details

Alpine Project Alpine 2.19.991
alpine_project
alpine
2.19.991
2022-11-03
12h14 +00:00
2022-11-03
12h30 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:alpine_project:alpine:2.19.991:*:*:*:*:*:*:*

Informations

Vendor

alpine_project

Product

alpine

Version

2.19.991

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-46853 2022-11-03 00h00 +00:00 Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
5.9
Medium
CVE-2021-38370 2021-08-09 22h00 +00:00 In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS.
5.9
Medium
CVE-2020-14929 2020-06-19 16h58 +00:00 Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.