Critical severity9.8NVD Advisory· Published Feb 18, 2022· Updated Jun 17, 2026
CVE-2021-3657
CVE-2021-3657
Description
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- mbsync/mbsyncdescription
Patches
Vulnerability mechanics
References
4- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2022/07/msg00001.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/202208-15nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2021/12/03/1nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.