Known Vulnerabilities for products from Postfix
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Postfix".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-12063 | ** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender v... | 5.3 - MEDIUM | 2020-04-24 | 2023-11-07 |
| CVE-2017-10140 | Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privi... | 7.8 - HIGH | 2018-04-16 | 2020-07-15 |
| CVE-2012-0811 | Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to e... | 6.5 - MEDIUM | 2014-10-01 | 2014-10-02 |
| CVE-2011-1720 | The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus... | 6.8 - MEDIUM | 2011-05-13 | 2023-11-07 |
| CVE-2011-0411 | The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 d... | 6.8 - MEDIUM | 2011-03-16 | 2021-08-10 |
| CVE-2009-2939 | The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to ... | 6.9 - MEDIUM | 2009-09-21 | 2011-08-24 |
| CVE-2008-4977 | ** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on th... | 6.9 - MEDIUM | 2008-11-06 | 2023-11-07 |
| CVE-2008-3889 | Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll fil... | 2.1 - LOW | 2008-09-12 | 2018-10-11 |
| CVE-2008-2937 | Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recip... | 1.9 - LOW | 2008-08-18 | 2018-10-11 |
| CVE-2008-2936 | Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports ha... | 6.2 - MEDIUM | 2008-08-18 | 2023-11-07 |
Known software with vulnerabilities from Postfix
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Postfix | Postfix | 2.0.0 |