aiosmtpd

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting aiosmtpdpage 1 of 1

CVE-2024-27305MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.4.5
2024-03-12
vulnerable: 1.0 ... 1.4.4.post2 (24 versions)
aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol.…
CVE-2024-34083MEDIUMCVSS 5.4EG 5.4✓ Fixed in 1.4.6
2024-05-18
vulnerable: 1.0 ... 1.4.5 (25 versions)
aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted con…

Check whether aiosmtpd is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for aiosmtpd CVEs against the assets you own.

Start Free Scan →