5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0.004 Low
EPSS
Percentile
73.9%
Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | alpine | < 2.25+dfsg1-1 | alpine_2.25+dfsg1-1_all.deb |
Debian | 11 | all | alpine | <= 2.24+dfsg1-1 | alpine_2.24+dfsg1-1_all.deb |
Debian | 10 | all | alpine | <= 2.21+dfsg1-1.1 | alpine_2.21+dfsg1-1.1_all.deb |
Debian | 999 | all | alpine | < 2.25+dfsg1-1 | alpine_2.25+dfsg1-1_all.deb |
Debian | 13 | all | alpine | < 2.25+dfsg1-1 | alpine_2.25+dfsg1-1_all.deb |