CLSA-2026-1779119949 cyrus-imapd: Fix of CVE-2024-34055

fix CVE-2024-34055: denial of service via memory exhaustion using oversized IMAP literals and command arguments - disable cassandane test runner on x8664 and aarch64 due to multiple unrelated mock-environment issues imaptest binary SIGSEGV, slow file I/O, alarm scheduling races; cunit which...

CVE-2026-34055

creationtimestamp| type| source ---|---|--- 2026-03-26 01:00:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhwfolx6lc2p 2026-03-26 01:05:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhwfxipqup2d 2026-03-26 17:20:09+00:00| seen|...

MiracleLinux 9 : cyrus-imapd-3.4.8-1.el9 (AXSA:2024-9200:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9200:03 advisory. cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 Tenable has extracted the preceding description block...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-boot-2.7.12.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-boot-2.7.12.jar Vulnerability Details CVEID:CVE-2023-34055 DESCRIPTION: In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that...

CVE-2025-34055

creationtimestamp| type| source ---|---|--- 2025-07-01 15:08:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/20052...

TencentOS Server 4: cyrus-imapd (TSSA-2024:1073)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1073 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Fedora: Security Advisory (FEDORA-2024-cfbdc342a2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RLSA-2024:9195 Moderate: cyrus-imapd security update

The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 For more details about the security issues, including the impact, a CVSS...

Linux Distros Unpatched Vulnerability : CVE-2024-34055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single...

CVE-2024-34055

creationtimestamp| type| source ---|---|--- 2025-02-06 11:29:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113956707363822061 2025-02-06 12:16:23+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhj2uxgonn2t 2025-02-06 13:33:18+00:00| seen|...

Oracle Linux 9 : cyrus-imapd (ELSA-2024-9195)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9195 advisory. 3.4.8-1 - Update to 3.4.8, fixing CVE-2024-34055 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

Fedora 41 : cyrus-imapd (2024-cfbdc342a2)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-cfbdc342a2 advisory. Automatic update for cyrus-imapd-3.8.3-1.fc41. Changelog Wed Jun 5 2024 Martin Osvald - 3.8.3-1 - Fix CVE-2024-34055 rhbz2290512 - Convert to %autorelease an...

cyrus-imapd security update

3.4.8-1 - Update to 3.4.8, fixing CVE-2024-34055...

Moderate: Red Hat Security Advisory: cyrus-imapd security update

An update for cyrus-imapd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

RHEL 9 : cyrus-imapd (RHSA-2024:9195)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9195 advisory. The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd: unbounded memo...

Moderate: cyrus-imapd security update

The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 For more details about the security issues, including the impact, a CVSS...

Fedora: Security Advisory (FEDORA-2024-f3e0255c75)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5708-1] cyrus-imapd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5708-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2024 https://www.debian.org/security/faq -...

CVE-2024-34055

CVE-2024-34055 affects Cyrus IMAPD before 3.8.3 and 3.10.x before 3.10.0-rc1. An attacker with authentication can trigger unbounded memory allocation by sending many LITERALs in a single command, enabling memory exhaustion (availability impact). Patches/releases: upgrade to Cyrus IMAPD 3.8.3 or 3...

CVE-2024-34055

Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command...