rpm package
opensuse/dovecot22&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/dovecot22&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-4983 | — | < 2.2.27-1.1 | 2.2.27-1.1 | Nov 5, 2019 | A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files. | ||
| CVE-2014-3430 | — | < 2.2.27-1.1 | 2.2.27-1.1 | May 14, 2014 | Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. |
- CVE-2016-4983Nov 5, 2019affected < 2.2.27-1.1fixed 2.2.27-1.1
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
- CVE-2014-3430May 14, 2014affected < 2.2.27-1.1fixed 2.2.27-1.1
Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.