Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-19722

Опубликовано: 13 дек. 2019
Источник: nvd
CVSS3: 5.3
CVSS2: 5
EPSS Низкий

Описание

In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*
Версия до 2.3.9.2 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01213
Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2019-19722

CVSS3: 5.3
ubuntu
около 6 лет назад

In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.

redhat логотип

CVE-2019-19722

CVSS3: 5.3
redhat
около 6 лет назад

In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.

debian логотип

CVE-2019-19722

CVSS3: 5.3
debian
около 6 лет назад

In Dovecot before 2.3.9.2, an attacker can crash a push-notification d ...

github логотип

GHSA-cpfv-hj4g-93jr

CVSS3: 5.3
github
больше 3 лет назад

In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.

EPSS

Процентиль: 79%
0.01213
Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476