9 matches found
CLSA-2026-1778173027 dovecot: Fix of CVE-2026-27858
CVE-2026-27858: fix unbounded memory allocation in managesieve-login when AUTHENTICATE initial response literal size is excessively large...
CLSA-2026-1778172123 dovecot: Fix of CVE-2026-27858
CVE-2026-27858: fix unbounded memory allocation in managesieve-login when AUTHENTICATE initial response literal size is excessively large...
OPENSUSE-SU-2026:20554-1 Security update for dovecot24
This update for dovecot24 fixes the following issues: - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. -...
Linux Distros Unpatched Vulnerability : CVE-2026-27858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force...
CVE-2026-27858
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...
CVE-2026-27858
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...
CVE-2026-27858
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...
CVE-2026-27858
CVE-2026-27858 affects the managesieve component. An attacker can send a specially crafted message before authentication that causes managesieve to allocate a large amount of memory, and can force the managesieve-login process to become unavailable by repeated crashes. The practical impact is pot...
CVE-2026-27858
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...