Lucene search
K

5 matches found

OSV
OSV
added 2021/06/28 12:15 p.m.26 views

CVE-2021-29157

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver...

5.5CVSS6.6AI score
Exploits0References5
Prion
Prion
added 2021/06/28 12:15 p.m.27 views

Path traversal

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver...

2.1CVSS5.2AI score0.0047EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2021/06/28 11:58 a.m.34 views

CVE-2021-29157

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver...

7.5CVSS6.5AI score0.0047EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2021/06/28 11:58 a.m.36 views

CVE-2021-29157

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver...

7.5CVSS5.8AI score0.0047EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/06/21 12:0 p.m.33 views

CVE-2021-29157

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver...

7.5CVSS6.8AI score0.0047EPSS
Exploits0References4
Rows per page
Query Builder