CVE-2021-39272

MEDIUM5.9EPSS 0.18%

Published: 8/30/2021Modified: 4/28/2026

Also known as:DEBIAN-CVE-2021-39272

Description

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N