CVE-2024-34055

Опубликовано: 05 июн. 2024

Источник: debian

Описание

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
cyrus-imapd	fixed	3.8.3-1		package
cyrus-imapd	ignored		bullseye	package
cyrus-imapd	ignored		buster	package

Примечания

https://cyrus.topicbox.com/groups/announce/Ta8e3998446caf7f8/cyrus-imap-3-8-3-3-6-5-and-3-4-8-released

Связанные уязвимости

CVE-2024-34055

CVSS3: 6.5

ubuntu

больше 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

CVE-2024-34055

CVSS3: 6.5

redhat

больше 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

CVE-2024-34055

CVSS3: 6.5

nvd

больше 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

RLSA-2024:9195

rocky

8 месяцев назад

Moderate: cyrus-imapd security update

GHSA-crp5-539g-qwq6

CVSS3: 6.5

github

больше 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.