CVE-2024-34055

Опубликовано: 05 июн. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cyrusimap:cyrus_imap:*:*:*:*:*:*:*:*

Версия до 3.8.3 (исключая)

cpe:2.3:a:cyrusimap:cyrus_imap:3.10.0:alpha0:*:*:*:*:*:*

cpe:2.3:a:cyrusimap:cyrus_imap:3.10.0:beta1:*:*:*:*:*:*

cpe:2.3:a:cyrusimap:cyrus_imap:3.10.0:beta2:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00324

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-770

Связанные уязвимости

CVE-2024-34055

CVSS3: 6.5

ubuntu

около 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

CVE-2024-34055

CVSS3: 6.5

redhat

около 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

CVE-2024-34055

CVSS3: 6.5

debian

около 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authentica ...

GHSA-crp5-539g-qwq6

CVSS3: 6.5

github

около 1 года назад

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.

ELSA-2024-9195

oracle-oval

9 месяцев назад

ELSA-2024-9195: cyrus-imapd security update (MODERATE)

EPSS

Процентиль: 55%

0.00324

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-770