7 matches found
Dovecot 2.4.0 < 2.4.2 Improper Access Control Vulnerability
Dovecot is prone to an improper access control vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dovecot:dovecot";...
openSUSE 16 Security Update : dovecot24 (openSUSE-SU-2025-20113-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025-20113-1 advisory. - Update dovecot to 2.4.2: - CVE-2025-30189: Fixed users cached with same cache key when auth cache was enabled bsc1252839 - Changes - auth: Remove...
CVE-2025-30189
When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted...
CVE-2025-30189
When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted...
CVE-2025-30189
creationtimestamp| type| source ---|---|--- 2025-10-29 16:47:27+00:00| seen| https://seclists.org/oss-sec/2025/q4/97 2025-10-30 01:33:06+00:00| seen| https://schleuss.online/users/vulnbot/statuses/115460537325572111 2025-10-30 02:07:01+00:00| seen|...
Fedora: Security Advisory (FEDORA-2025-97d8911108)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 44 : dovecot (2025-d5eb72768a)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d5eb72768a advisory. Automatic update for dovecot-2.4.1-6.fc44. Changelog Thu Oct 9 2025 Michal Hlavinka - 1:2.4.1-6 - fix CVE-2025-30189: users would end up overwriting each oth...