Vulnerabilidades em The Dovecot Project
3 resultadosCVE-2017-14461MEDIUMA specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensiEPSS 17.6%CVE-2017-15132—A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client usEPSS 3.2%CVE-2017-15130—A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI confEPSS 2.6%