Your submission was sent successfully! Close

CVE-2020-3811

Published: 26 May 2020

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.

From the Ubuntu security team

It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
netqmail
Launchpad, Ubuntu, Debian
bionic
Released (1.06-6.2~deb10u1build0.18.04.1)
eoan Ignored
(reached end-of-life)
focal
Released (1.06-6.2~deb10u1build0.20.04.1)
groovy Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (1.06-6.2, 1.6-6.2~deb10u1, 1.6-6.2~deb9u1, 1.6-6.2~deb8u1,,,)
xenial
Released (1.06-6.2~deb10u1build0.16.04.1)