4 matches found
CVE-2025-59028
When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable server to break concurrent logins. Install fixed version or disable concurrency in login processes hea...
CVE-2025-59028
When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable server to break concurrent logins. Install fixed version or disable concurrency in login processes hea...
CVE-2025-59028
When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable server to break concurrent logins. Install fixed version or disable concurrency in login processes hea...
CVE-2025-59028
CVE-2025-59028 affects Dovecot’s authentication path where invalid base64 SASL data can disconnect from the auth server, causing DoS of concurrent logins. Public advisories (openSUSE/SUSE openSUSE:20554-1, SLES16 SUSE-SU-2026:21208-1, Ubuntu USN-8136-1) indicate the issue in the dovecot24 package...