Lucene search
OracleLinuxELSA-2024-6529HistorySep 10, 2024 - 12:00 a.m.
dovecot security update
2024-09-1000:00:00
linux.oracle.com
13
dovecot
security update
cve-2024-23184
cve-2024-23185
resource exhaustion
denial of service
rhel-55211
rhel-55225
unix
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.2
Confidence
High
EPSS
0
Percentile
9.6%
[1:2.3.16-11.1]
- fix CVE-2024-23184: using a large number of address headers may trigger a denial of service (RHEL-55211)
- fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message (RHEL-55225)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | dovecot | < 2.3.16-11.el9_4.1 | dovecot-2.3.16-11.el9_4.1.src.rpm |
| oracle linux | 9 | src | dovecot | < 2.3.16-11.el9_4.1 | dovecot-2.3.16-11.el9_4.1.src.rpm |
| oracle linux | 9 | aarch64 | dovecot | < 2.3.16-11.el9_4.1 | dovecot-2.3.16-11.el9_4.1.aarch64.rpm |
| oracle linux | 9 | aarch64 | dovecot-devel | < 2.3.16-11.el9_4.1 | dovecot-devel-2.3.16-11.el9_4.1.aarch64.rpm |
| oracle linux | 9 | aarch64 | dovecot-mysql | < 2.3.16-11.el9_4.1 | dovecot-mysql-2.3.16-11.el9_4.1.aarch64.rpm |
| oracle linux | 9 | aarch64 | dovecot-pgsql | < 2.3.16-11.el9_4.1 | dovecot-pgsql-2.3.16-11.el9_4.1.aarch64.rpm |
| oracle linux | 9 | aarch64 | dovecot-pigeonhole | < 2.3.16-11.el9_4.1 | dovecot-pigeonhole-2.3.16-11.el9_4.1.aarch64.rpm |
| oracle linux | 9 | src | dovecot | < 2.3.16-11.el9_4.1 | dovecot-2.3.16-11.el9_4.1.src.rpm |
| oracle linux | 9 | src | dovecot | < 2.3.16-11.el9_4.1 | dovecot-2.3.16-11.el9_4.1.src.rpm |
| oracle linux | 9 | i686 | dovecot | < 2.3.16-11.el9_4.1 | dovecot-2.3.16-11.el9_4.1.i686.rpm |
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:3118-1)
2024-09-04 00:00:00
Fedora: Security Advisory (FEDORA-2024-ba5bb9f63a)
2024-09-10 00:00:00
Dovecot 2.2.x < 2.3.21.1 Multiple Vulnerabilities
2024-08-15 00:00:00
nessus
nessus
Debian dla-3860 : dovecot-auth-lua - security update
2024-09-02 00:00:00
Fedora 40 : dovecot (2024-e23e8a3f1e)
2024-08-28 00:00:00
Ubuntu 24.04 LTS : Dovecot vulnerabilities (USN-6982-1)
2024-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: dovecot-2.3.21.1-1.fc39
2024-08-28 02:22:26
[SECURITY] Fedora 40 Update: dovecot-2.3.21.1-1.fc40
2024-08-28 02:37:07
redhat
redhat
(RHSA-2024:6529) Moderate: dovecot security update
2024-09-10 11:06:27
(RHSA-2024:6465) Moderate: dovecot security update
2024-09-09 01:03:03
osv
osv
dovecot - security update
2024-09-02 00:00:00
Security update for dovecot23
2024-09-03 15:08:50
Moderate: dovecot security update
2024-09-10 00:00:00
slackware
slackware
[slackware-security] dovecot
2024-08-14 19:37:56
packetstorm
packetstorm
Dovecot IMAP Server 2.2 / 2.3 Denial Of Service
2024-08-19 00:00:00
Dovecot IMAP Server 2.2 / 2.3 Missing Rate Limiting
2024-08-19 00:00:00
ubuntu
ubuntu
Dovecot vulnerabilities
2024-09-02 00:00:00
almalinux
almalinux
Moderate: dovecot security update
2024-09-10 00:00:00
rocky
rocky
dovecot security update
2024-09-17 00:55:55
mageia
mageia
Updated packages fix security vulnerabilities
2024-08-17 19:55:51
freebsd
freebsd
Dovecot -- DoS
2024-08-14 00:00:00
debiancve
debiancve
CVE-2024-23184
2024-09-10 15:15:14
CVE-2024-23185
2024-09-10 15:15:14
redhatcve
redhatcve
CVE-2024-23184
2024-08-19 21:09:25
CVE-2024-23185
2024-08-19 21:09:35
alpinelinux
alpinelinux
CVE-2024-23185
2024-09-10 15:15:14
CVE-2024-23184
2024-09-10 15:15:14
cvelist
cvelist
CVE-2024-23185
2024-09-10 14:38:50
CVE-2024-23184
2024-09-10 14:33:34
cve
cve
CVE-2024-23185
2024-09-10 15:15:14
CVE-2024-23184
2024-09-10 15:15:14
nvd
nvd
CVE-2024-23185
2024-09-10 15:15:14
CVE-2024-23184
2024-09-10 15:15:14
vulnrichment
vulnrichment
CVE-2024-23185
2024-09-10 14:38:50
CVE-2024-23184
2024-09-10 14:33:34
ubuntucve
ubuntucve
CVE-2024-23185
2024-08-24 00:00:00
CVE-2024-23184
2024-08-24 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.2
Confidence
High
EPSS
0
Percentile
9.6%
Related for ELSA-2024-6529