Your submission was sent successfully! Close

CVE-2021-38371

Published: 10 August 2021

The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
exim4
Launchpad, Ubuntu, Debian
bionic Deferred
(2022-05-26)
focal Deferred
(2022-05-26)
hirsute Ignored
(reached end-of-life)
impish Deferred
(2022-05-26)
jammy Deferred
(2022-05-26)
trusty Deferred
(2022-05-26)
upstream Needs triage

xenial Deferred
(2022-05-26)

Notes

AuthorNote
mdeslaur
as of 2022-05-26, the upstream advisory has not been published
yet, and there are no details on what fixes this issue.

References