Alpine Linux Development TeamALPINE:CVE-2017-15130CVE-2017-15130
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
6.2 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
79.8%
A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage and the process to restart.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.10-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.11-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.13-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.14-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | dovecot | < 2.3.1-r0 | UNKNOWN |
Related
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
6.2 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
79.8%