VYPR

rpm package

almalinux/dovecot-mysql

pkg:rpm/almalinux/dovecot-mysql

Vulnerabilities (9)

  • CVE-2026-27858 - High - Mar 27, 2026
    affected < 1:2.3.21-16.el10_1.1, fixed 1:2.3.21-16.el10_1.1

    Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed

  • CVE-2026-27857 - Medium - Mar 27, 2026
    affected < 1:2.3.21-16.el10_1.1, fixed 1:2.3.21-16.el10_1.1

    Sending "NOOP (((...)))" command with 4000 parenthesis open+close results in ~1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possi

  • CVE-2025-59032 - High - Mar 27, 2026
    affected < 1:2.3.21-16.el10_1.1, fixed 1:2.3.21-16.el10_1.1

    ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively upgr

  • CVE-2024-23185 - High - Sep 10, 2024
    affected < 1:2.3.16-11.el9_4.1, fixed 1:2.3.16-11.el9_4.1

    Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "full_value" buffer out of the smaller chunks. The full_val

  • CVE-2024-23184 - Medium - Sep 10, 2024
    affected < 1:2.3.16-11.el9_4.1, fixed 1:2.3.16-11.el9_4.1

    Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU intensive. With 100k header lines CPU usage is already 12 seconds, and in a production environment we observed 500k header lines taking 18 minutes to parse. Since this can be triggered by e

  • CVE-2022-30550 - Jul 17, 2022
    affected < 1:2.3.16-3.el8, fixed 1:2.3.16-3.el8

    An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied

  • CVE-2021-33515 - Jun 28, 2021
    affected < 1:2.3.16-2.el8, fixed 1:2.3.16-2.el8

    The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address.

  • CVE-2020-24386 - Jan 4, 2021
    affected < 1:2.3.8-9.el8, fixed 1:2.3.8-9.el8

    An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages (and path disclosure).

  • CVE-2020-25275 - Jan 4, 2021
    affected < 1:2.3.8-9.el8, fixed 1:2.3.8-9.el8

    Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts.