Количество 17
Количество 17
CVE-2021-29157
Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.
CVE-2021-29157
Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.
CVE-2021-29157
Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.
CVE-2021-29157
Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.
CVE-2021-29157
Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with acce ...
GHSA-89g9-v7q6-px25
Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.
BDU:2021-03234
Уязвимость почтового сервера Dovecot, связанная с ошибками экранирования полей kid и azp в токенах JWT, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
openSUSE-SU-2021:2892-1
Security update for dovecot23
openSUSE-SU-2021:2123-1
Security update for dovecot23
openSUSE-SU-2021:1225-1
Security update for dovecot23
openSUSE-SU-2021:0920-1
Security update for dovecot23
SUSE-SU-2021:2892-1
Security update for dovecot23
SUSE-SU-2021:2891-1
Security update for dovecot23
SUSE-SU-2021:2890-1
Security update for dovecot23
SUSE-SU-2021:2124-1
Security update for dovecot23
SUSE-SU-2021:2123-1
Security update for dovecot23
SUSE-SU-2021:2122-1
Security update for dovecot23
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-29157 Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-29157 Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver. | CVSS3: 6.3 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-29157 Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-29157 Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver. | CVSS3: 5.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-29157 Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with acce ... | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| GHSA-89g9-v7q6-px25 Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver. | 0% Низкий | больше 3 лет назад | |
 | BDU:2021-03234 Уязвимость почтового сервера Dovecot, связанная с ошибками экранирования полей kid и azp в токенах JWT, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 5.1 | 0% Низкий | больше 4 лет назад |
 | openSUSE-SU-2021:2892-1 Security update for dovecot23 | больше 4 лет назад | ||
| openSUSE-SU-2021:2123-1 Security update for dovecot23 | больше 4 лет назад | ||
| openSUSE-SU-2021:1225-1 Security update for dovecot23 | больше 4 лет назад | ||
| openSUSE-SU-2021:0920-1 Security update for dovecot23 | больше 4 лет назад | ||
| SUSE-SU-2021:2892-1 Security update for dovecot23 | больше 4 лет назад | ||
| SUSE-SU-2021:2891-1 Security update for dovecot23 | больше 4 лет назад | ||
| SUSE-SU-2021:2890-1 Security update for dovecot23 | больше 4 лет назад | ||
| SUSE-SU-2021:2124-1 Security update for dovecot23 | больше 4 лет назад | ||
| SUSE-SU-2021:2123-1 Security update for dovecot23 | больше 4 лет назад | ||
| SUSE-SU-2021:2122-1 Security update for dovecot23 | больше 4 лет назад |
Уязвимостей на страницу