github.com/foxcpp/maddy

Go4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/foxcpp/maddypage 1 of 1

CVE-2021-42583HIGHCVSS 7.5EG 7.5✓ Fixed in 0.5.2
2021-12-28
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.
CVE-2022-24732MEDIUMCVSS 6.3EG 6.3✓ Fixed in 0.5.4
2022-03-09
Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or account expiry checking when authenticating using PAM. Users are advised to upgrade. Users unable to upg…
CVE-2023-27582CRITICALCVSS 9.1EG 9.1✓ Fixed in 0.6.3
2023-03-13
maddy is a composable, all-in-one mail server. Starting with version 0.2.0 and prior to version 0.6.3, maddy allows a full authentication bypass if SASL authorization username is specified when using the PLAIN authentication mechanisms. In…
CVE-2026-40193HIGHCVSS 8.2EG 8.2✓ Fixed in 0.9.3
2026-04-16
maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module where user-supplied usernames are interpolated into LDAP search filters and DN strings via strings.Repla…

Check whether github.com/foxcpp/maddy is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/foxcpp/maddy CVEs against the assets you own.

Start Free Scan →