AZL-7196 CVE-2021-33515 affecting package dovecot for versions less than 2.3.20-1

The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address...

Dovecot Memory Corruption Vulnerability

Dovecot is an open source based on Linux/UNIX-like systems IMAP and POP3 mail server . A security vulnerability exists in Dovecot version 2.3.9 and later fixed in version 2.3.9.3, which stems from the incorrect handling of truncated UTF-8 data by lib-smtp in submission-login and lmtp. An attacker...