2 matches found
MGASA-2024-0198 Updated perl-Email-MIME packages fix security vulnerabilities
An excessive memory use issue CWE-770 exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set from 2020 and 2024 limits excessive depth and the total number of parts. CVE-2024-4140...
MGASA-2021-0078 Updated perl-Email-MIME and perl-Email-MIME-ContentType packages fix security vulnerability
Messages with too many tiny nested MIME parts can lead to memory exhaustion on split, resulting in denial of service rhbz1835353 This update limits the number of nested MIME parts to 10 by default, to avoid a possible memory exhaustion issue with lots of tiny MIME parts...