CVE-2021-38371

Updated: 2023-11-04 20:11:27.343799

Description:

The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS exim 4.92.3 7.5 HIGH Released CLSA-2023:1687794906 2023-07-06 11:15:08
CentOS 8.4 ELS exim 4.94.2 7.5 HIGH Already Fixed 2023-06-19 14:12:55
CentOS 8.5 ELS exim 4.94.2 7.5 HIGH Already Fixed 2023-06-19 14:12:54
CloudLinux 6 ELS exim 4.92.3 7.5 HIGH Released CLSA-2023:1687795105 2023-07-06 11:15:07
Oracle Linux 6 ELS exim 4.92.3 7.5 HIGH Released CLSA-2023:1687795205 2023-06-26 14:14:13
Ubuntu 16.04 ELS exim 4.86.2 7.5 HIGH Released CLSA-2023:1688070370 2023-06-29 17:14:59
Ubuntu 18.04 ELS exim 4.90.1 7.5 HIGH Released CLSA-2023:1687795531 2023-06-26 14:06:43