CVE-2022-31138

CVE-2022-31138 affects mailcow-dockerized prior to version 2022-06a, where an extended privilege vulnerability allows code execution via user-controlled imapsync parameters such as regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd...