Lucene search
K

47 matches found

OSV
OSV
added 2025/07/31 6:39 p.m.7 views

CLSA-2025-1753987188 dovecot: Fix of CVE-2024-23185

CVE-2024-23185: fix resource exhaustion caused by very large headers when parsing messages...

7.5CVSS6.9AI score0.01284EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: dovecot (TSSA-2024:0516)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0516 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.5AI score0.01284EPSS
Exploits2References3
Amazon
Amazon
added 2024/12/19 12:0 a.m.6 views

Medium: dovecot

Issue Overview: Dovecot reports: A DoS is possible with a large number of address headers or abnormally large email headers. CVE-2024-23185 Affected Packages: dovecot Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Cor...

7.5CVSS7AI score0.01284EPSS
Exploits1
Amazon
Amazon
added 2024/12/12 12:0 a.m.5 views

Medium: dovecot

Issue Overview: Dovecot reports: A DoS is possible with a large number of address headers or abnormally large email headers. CVE-2024-23184 Dovecot reports: A DoS is possible with a large number of address headers or abnormally large email headers. CVE-2024-23185 Affected Packages: dovecot Issue...

7.5CVSS6.8AI score0.01284EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.8 views

Amazon Linux 2023 : dovecot, dovecot-devel, dovecot-mysql (ALAS2023-2024-785)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-785 advisory. Dovecot reports: A DoS is possible with a large number of address headers or abnormally large email headers. CVE-2024-23184 Dovecot reports: A DoS is possible with a large number of address...

7.5CVSS6.8AI score0.01284EPSS
Exploits2References6
Rockylinux
Rockylinux
added 2024/09/30 2:30 p.m.14 views

dovecot security update

An update is available for dovecot. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Dovecot is an IMAP server for Linux and other UNIX-like systems, written...

7.5CVSS7.5AI score0.01284EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/09/25 12:0 a.m.10 views

AlmaLinux 8 : dovecot (ALSA-2024:6973)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6973 advisory. dovecot: using a large number of address headers may trigger a denial of service CVE-2024-23184 dovecot: very large headers can cause resource exhaustion...

7.5CVSS7.2AI score0.01284EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2024/09/24 2:57 a.m.319 views

Moderate: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.8AI score0.01284EPSS
Exploits2References3
Oracle linux
Oracle linux
added 2024/09/24 12:0 a.m.20 views

dovecot security update

1:2.3.16-6 - fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message RHEL-55219 - fix CVE-2024-23184: using a large number of address headers may trigger a denial of service RHEL-55206...

7.5CVSS7.3AI score0.01284EPSS
Exploits2
OSV
OSV
added 2024/09/24 12:0 a.m.12 views

ALSA-2024:6973 Moderate: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS6.9AI score0.01284EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/09/24 12:0 a.m.16 views

RHEL 8 : dovecot (RHSA-2024:6973)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6973 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS7.3AI score0.01284EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2024/09/24 12:0 a.m.13 views

Oracle Linux 8 : dovecot (ELSA-2024-6973)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6973 advisory. - fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message RHEL-55219 Tenable has extracted the preceding description...

7.5CVSS6.8AI score0.01284EPSS
Exploits2References3
AlmaLinux
AlmaLinux
added 2024/09/24 12:0 a.m.29 views

Moderate: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS8AI score0.01284EPSS
Exploits2References6
Rockylinux
Rockylinux
added 2024/09/17 12:55 a.m.11 views

dovecot security update

An update is available for dovecot. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Dovecot is an IMAP server for Linux and other UNIX-like systems, written...

7.5CVSS7.5AI score0.01284EPSS
Exploits2
OpenVAS
OpenVAS
added 2024/09/17 12:0 a.m.10 views

Ubuntu: Security Advisory (USN-7013-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01284EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/09/11 12:0 a.m.16 views

AlmaLinux 9 : dovecot (ALSA-2024:6529)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6529 advisory. dovecot: using a large number of address headers may trigger a denial of service CVE-2024-23184 dovecot: very large headers can cause resource exhaustion...

7.5CVSS7.2AI score0.01284EPSS
Exploits2References3
NVD
NVD
added 2024/09/10 3:15 p.m.11 views

CVE-2024-23185

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

7.5CVSS0.01284EPSS
Exploits1References4
OSV
OSV
added 2024/09/10 3:15 p.m.3 views

AZL-48984 CVE-2024-23185 affecting package dovecot 2.3.20-1

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

7.5CVSS7.5AI score0.01284EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/10 2:38 p.m.14 views

CVE-2024-23185

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

7.5CVSS7.3AI score0.01284EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2024/09/10 2:38 p.m.17 views

CVE-2024-23185

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

7.5CVSS7.5AI score0.01284EPSS
Exploits1
Rows per page
Query Builder