CVE-2025-61962
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-61962
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-61962.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-61962
- Downstream
- Related
- Published
- 2025-10-04T03:15:37Z
- Modified
- 2025-11-06T01:21:18.603248Z
- Severity
-
- 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context.
- References
Affected packages
Git / gitlab.com/fetchmail/fetchmail
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.com/fetchmail/fetchmail
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
6.*
6.5.0
6.5.0.beta1
6.5.0.beta10
6.5.0.beta2
6.5.0.beta3
6.5.0.beta4
6.5.0.beta5
6.5.0.beta6
6.5.0.beta7
6.5.0.beta8
6.5.0.beta9
6.5.0.dev20200711a
6.5.0.dev20200711b
6.5.0.rc1
6.5.0.rc2
6.5.1
6.5.1.rc1
6.5.2
6.5.3
6.5.4
6.5.5
6.5.5.rc1
Other
BRANCH_6-3
RELEASE_1-0-0
RELEASE_1-8-0
RELEASE_1-9-0
RELEASE_1-9-2
RELEASE_1-9-3
RELEASE_1-9-4
RELEASE_1-9-5
RELEASE_1-9-6
RELEASE_1-9-8
RELEASE_1-9-9
RELEASE_1-9a
RELEASE_2-0-0
RELEASE_2-1-0
RELEASE_2-1-1
RELEASE_2-1-2
RELEASE_2-1-3
RELEASE_2-2-0
RELEASE_2-3-0
RELEASE_2-4-0
RELEASE_2-4-0bis
RELEASE_2-6-0
RELEASE_2-7-0
RELEASE_2-8-0
RELEASE_2-8bis
RELEASE_2-8tris
RELEASE_3-0-0
RELEASE_3-3-0
RELEASE_3-3-1
RELEASE_3-4-0
RELEASE_3-5-0
RELEASE_3-6-0
RELEASE_3-7-0
RELEASE_3-8-0
RELEASE_3-9-0
RELEASE_3-9-1
RELEASE_3-9-2
RELEASE_3-9-3
RELEASE_3-9-4
RELEASE_3-9-5
RELEASE_3-9-6
RELEASE_3-9-7
RELEASE_3-9-8
RELEASE_4-0-0
RELEASE_4-0-0bis
RELEASE_4-0-1
RELEASE_4-0-3
RELEASE_4-0-4
RELEASE_4-0-5
RELEASE_4-0-8
RELEASE_4-1-0
RELEASE_4-1-1
RELEASE_4-1-2
RELEASE_4-1-5
RELEASE_4-1-6
RELEASE_4-1-7
RELEASE_4-1-8
RELEASE_4-2-0
RELEASE_4-2-1
RELEASE_4-2-3
RELEASE_4-2-4
RELEASE_4-2-5
RELEASE_4-2-6
RELEASE_4-2-7
RELEASE_4-2-9
RELEASE_4-3-0
RELEASE_4-3-1
RELEASE_4-3-2
RELEASE_4-3-3
RELEASE_4-3-4
RELEASE_4-3-5
RELEASE_4-3-6
RELEASE_4-3-7
RELEASE_4-3-8
RELEASE_4-3-8bis
RELEASE_4-3-9
RELEASE_4-4-0
RELEASE_4-4-2
RELEASE_4-4-3
RELEASE_4-4-4
RELEASE_4-4-5
RELEASE_4-4-5bis
RELEASE_4-4-6
RELEASE_4-4-6bis
RELEASE_4-4-7
RELEASE_4-4-8
RELEASE_4-4-9
RELEASE_4-5-0
RELEASE_4-5-0bis
RELEASE_4-5-1
RELEASE_4-5-2
RELEASE_4-5-3
RELEASE_4-5-4
RELEASE_4-5-5
RELEASE_4-5-6
RELEASE_4-5-7
RELEASE_4-5-8
RELEASE_4-6-0
RELEASE_4-6-1
RELEASE_4-6-2
RELEASE_4-6-3
RELEASE_4-6-4
RELEASE_4-6-5
RELEASE_4-6-6
RELEASE_4-6-7
RELEASE_4-6-8
RELEASE_4-6-9
RELEASE_4-7-0
RELEASE_4-7-1
RELEASE_4-7-2
RELEASE_4-7-3
RELEASE_4-7-4
RELEASE_4-7-5
RELEASE_4-7-6
RELEASE_4-7-7
RELEASE_4-7-8
RELEASE_4-7-9
RELEASE_5-0-0
RELEASE_5-0-2
RELEASE_5-0-3
RELEASE_5-0-4
RELEASE_5-0-5
RELEASE_5-0-6
RELEASE_5-0-7
RELEASE_5-0-8
RELEASE_5-1-1
RELEASE_5-1-2
RELEASE_5-1-3
RELEASE_5-1-4
RELEASE_5-2-3
RELEASE_5-2-4
RELEASE_5-2-5
RELEASE_5-2-6
RELEASE_5-2-7
RELEASE_5-2-8
RELEASE_5-3-0
RELEASE_5-3-1
RELEASE_5-3-3
RELEASE_5-3-4
RELEASE_5-3-5
RELEASE_5-3-6
RELEASE_5-3-7
RELEASE_5-3-8
RELEASE_5-4-0
RELEASE_5-4-1
RELEASE_5-4-3
RELEASE_5-4-4
RELEASE_5-4-5
RELEASE_5-5-0
RELEASE_5-5-1
RELEASE_5-5-2
RELEASE_5-5-3
RELEASE_5-5-4
RELEASE_5-5-5
RELEASE_5-5-6
RELEASE_5-6-0
RELEASE_5-6-1
RELEASE_5-6-2
RELEASE_5-6-4
RELEASE_5-6-5
RELEASE_5-6-6
RELEASE_5-6-7
RELEASE_5-6-8
RELEASE_5-7-0
RELEASE_5-7-1
RELEASE_5-7-2
RELEASE_5-7-3
RELEASE_5-7-4
RELEASE_5-7-5
RELEASE_5-7-6
RELEASE_5-7-7
RELEASE_5-8-10
RELEASE_5-8-11
RELEASE_5-8-12
RELEASE_5-8-15
RELEASE_5-8-16
RELEASE_5-8-17
RELEASE_5-8-3
RELEASE_5-8-4
RELEASE_5-8-5
RELEASE_5-8-7
RELEASE_5-8-8
RELEASE_5-9-0
RELEASE_5-9-1
RELEASE_5-9-10
RELEASE_5-9-11
RELEASE_5-9-12
RELEASE_5-9-13
RELEASE_5-9-14
RELEASE_5-9-2
RELEASE_5-9-3
RELEASE_5-9-5
RELEASE_5-9-6
RELEASE_5-9-7
RELEASE_5-9-9
RELEASE_6-0-0
RELEASE_6-1-0
RELEASE_6-1-1
RELEASE_6-1-2
RELEASE_6-1-3
RELEASE_6-2-0
RELEASE_6-2-1
RELEASE_6-2-2
RELEASE_6-2-3
RELEASE_6-2-4
RELEASE_6-2-5
RELEASE_6-3-0
RELEASE_6-3-1
RELEASE_6-3-10
RELEASE_6-3-11
RELEASE_6-3-12
RELEASE_6-3-13
RELEASE_6-3-14
RELEASE_6-3-15
RELEASE_6-3-16
RELEASE_6-3-17
RELEASE_6-3-18
RELEASE_6-3-19
RELEASE_6-3-2
RELEASE_6-3-20
RELEASE_6-3-21
RELEASE_6-3-22
RELEASE_6-3-23
RELEASE_6-3-24
RELEASE_6-3-25
RELEASE_6-3-26
RELEASE_6-3-2_4678
RELEASE_6-3-3
RELEASE_6-3-4
RELEASE_6-3-5
RELEASE_6-3-6
RELEASE_6-3-7
RELEASE_6-3-8
RELEASE_6-3-8_5093
RELEASE_6-3-9
RELEASE_6-3-9_5248
RELEASE_6-4-0
RELEASE_6-4-1
RELEASE_6-4-10
RELEASE_6-4-11
RELEASE_6-4-12
RELEASE_6-4-13
RELEASE_6-4-14
RELEASE_6-4-15
RELEASE_6-4-16
RELEASE_6-4-17
RELEASE_6-4-18
RELEASE_6-4-19
RELEASE_6-4-2
RELEASE_6-4-20
RELEASE_6-4-21
RELEASE_6-4-22
RELEASE_6-4-23
RELEASE_6-4-24
RELEASE_6-4-25
RELEASE_6-4-26
RELEASE_6-4-27
RELEASE_6-4-28
RELEASE_6-4-29
RELEASE_6-4-3
RELEASE_6-4-30
RELEASE_6-4-31
RELEASE_6-4-32
RELEASE_6-4-33
RELEASE_6-4-34
RELEASE_6-4-35
RELEASE_6-4-36
RELEASE_6-4-37
RELEASE_6-4-38
RELEASE_6-4-39
RELEASE_6-4-4
RELEASE_6-4-5
RELEASE_6-4-6
RELEASE_6-4-7
RELEASE_6-4-8
RELEASE_6-4-9
SNAPSHOT-6-5-0-beta2
SNAPSHOT-6_2_6-pre5
SNAPSHOT-6_2_6-pre6
SNAPSHOT-6_2_6-pre7
SNAPSHOT-6_2_6-pre8
SNAPSHOT-6_2_6-pre9
SNAPSHOT-6_2_9-rc1
SNAPSHOT-6_2_9-rc10
SNAPSHOT-6_2_9-rc2
SNAPSHOT-6_2_9-rc3
SNAPSHOT-6_2_9-rc4
SNAPSHOT-6_2_9-rc5
SNAPSHOT-6_2_9-rc6
SNAPSHOT-6_2_9-rc7
SNAPSHOT-6_2_9-rc8
SNAPSHOT-6_2_9-rc9
SNAPSHOT-6_4_0_beta2
SNAPSHOT-6_4_0_beta3
SNAPSHOT-6_4_0_beta4
SNAPSHOT-6_4_0_beta5
SNAPSHOT-6_4_0_rc1
SNAPSHOT-6_4_0_rc2
SNAPSHOT-6_4_0_rc3
SNAPSHOT-6_4_0_rc4
SNAPSHOT-6_4_2_rc1
SNAPSHOT-6_4_2_rc2
SNAPSHOT-6_4_2_rc3
SNAPSHOT_6-2-6-pre3
SNAPSHOT_6-2-6-pre4
SNAPSHOT_6-3-1-rc1
SNAPSHOT_6-3-10-beta1
SNAPSHOT_6-3-15-beta1
SNAPSHOT_6-3-15-beta2
SNAPSHOT_6-3-15-beta3
SNAPSHOT_6-3-17-pre1
SNAPSHOT_6-3-18-pre1
SNAPSHOT_6-3-18-pre2
SNAPSHOT_6-3-19-pre1
SNAPSHOT_6-3-2-rc1
SNAPSHOT_6-3-2-rc2
SNAPSHOT_6-3-2-rc3
SNAPSHOT_6-3-2-rc4
SNAPSHOT_6-3-20-pre1
SNAPSHOT_6-3-20-rc2
SNAPSHOT_6-3-20-rc3
SNAPSHOT_6-3-3-rc1
SNAPSHOT_6-3-3-rc2
SNAPSHOT_6-3-4-rc1
SNAPSHOT_6-3-4-rc2
SNAPSHOT_6-3-5-beta1
SNAPSHOT_6-3-5-beta2
SNAPSHOT_6-3-5-beta3
SNAPSHOT_6-3-6-rc1
SNAPSHOT_6-3-6-rc2
SNAPSHOT_6-3-6-rc3
SNAPSHOT_6-3-6-rc4
SNAPSHOT_6-3-6-rc5
SNAPSHOT_6-3-7-rc1
SNAPSHOT_6-3-8-rc1
SNAPSHOT_6-3-8-rc2
SNAPSHOT_6-3-8-rc3
SNAPSHOT_6-3-9-rc1
SNAPSHOT_6-3-9-rc2
SNAPSHOT_6-3-9-rc3
SNAPSHOT_6-4-13-rc1
SNAPSHOT_6-4-13-rc2
SNAPSHOT_6-4-16-rc1
SNAPSHOT_6-4-18-rc1
SNAPSHOT_6-4-22-rc1
SNAPSHOT_6-4-22-rc2
SNAPSHOT_6-4-22-rc3
SNAPSHOT_6-4-25-rc1
SNAPSHOT_6-4-25-rc2
SNAPSHOT_6-4-25-rc3
SNAPSHOT_6-4-25-rc4
SNAPSHOT_6-4-3-beta1
SNAPSHOT_6-4-3-rc1
SNAPSHOT_6-4-3-rc2
SNAPSHOT_6-4-5-rc1
SNAPSHOT_6-4-5-rc2
SNAPSHOT_6-5-0-beta1
SNAPSHOT_6-5-0-beta3
SNAPSHOT_6-5-0-beta4
SNAPSHOT_6-5-0-beta5
SNAPSHOT_6-5-0-beta6
badmerge
before-automake
p302a
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"source": "https://gitlab.com/fetchmail/fetchmail@4c3cebfa4e659fb778ca2cae0ccb3f69201609a8",
"deprecated": false,
"id": "CVE-2025-61962-a302b2e4",
"target": {
"function": "SMTP_auth",
"file": "smtp.c"
},
"digest": {
"function_hash": "72355136985886001851827610807957893427",
"length": 4077.0
},
"signature_type": "Function"
},
{
"signature_version": "v1",
"source": "https://gitlab.com/fetchmail/fetchmail@4c3cebfa4e659fb778ca2cae0ccb3f69201609a8",
"deprecated": false,
"id": "CVE-2025-61962-e965a5d6",
"target": {
"file": "smtp.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"4513686375981488362404074323313890909",
"105667422805144289163813776184598395838",
"54599167501396829001133377000538514605",
"234189643550913644802812752486961244004",
"4513686375981488362404074323313890909",
"105667422805144289163813776184598395838",
"54599167501396829001133377000538514605",
"234189643550913644802812752486961244004"
]
},
"signature_type": "Line"
}
]