CVE-2024-34055

Опубликовано: 05 июн. 2024

Источник: debian

EPSS Низкий

Описание

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
cyrus-imapd	fixed	3.8.3-1		package
cyrus-imapd	ignored		bullseye	package
cyrus-imapd	ignored		buster	package

Примечания

https://cyrus.topicbox.com/groups/announce/Ta8e3998446caf7f8/cyrus-imap-3-8-3-3-6-5-and-3-4-8-released

EPSS

Процентиль: 53%

0.00299

Низкий

Связанные уязвимости

CVE-2024-34055

CVSS3: 6.5

ubuntu

около 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

CVE-2024-34055

CVSS3: 6.5

redhat

около 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

CVE-2024-34055

CVSS3: 6.5

nvd

около 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

GHSA-crp5-539g-qwq6

CVSS3: 6.5

github

около 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

ELSA-2024-9195

oracle-oval

9 месяцев назад

ELSA-2024-9195: cyrus-imapd security update (MODERATE)

EPSS

Процентиль: 53%

0.00299

Низкий