Уязвимость GHSA-89g9-v7q6-px25

CVE-2021-29157

CVSS3: 7.5

ubuntu

больше 4 лет назад

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

CVE-2021-29157

CVSS3: 6.3

redhat

больше 4 лет назад

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

CVE-2021-29157

CVSS3: 7.5

nvd

больше 4 лет назад

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

CVE-2021-29157

CVSS3: 5.5

msrc

около 4 лет назад

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

CVE-2021-29157

CVSS3: 7.5

debian

больше 4 лет назад

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with acce ...

exploitDog

GHSA-89g9-v7q6-px25

Описание

Ссылки

CVE ID

Дефекты

Связанные уязвимости

CVE ID

Дефекты